scanoss 0.11.0 → 0.11.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/build/main/cli/bin/cli-bin.js +55 -54
- package/build/main/sdk/Dependencies/LocalDependency/parsers/npmParser.js +19 -18
- package/build/main/sdk/Dependencies/LocalDependency/parsers/parser.spec.js +191 -69
- package/build/main/tsconfig.tsbuildinfo +14 -10
- package/build/module/cli/bin/cli-bin.js +57 -56
- package/build/module/sdk/Dependencies/LocalDependency/parsers/npmParser.js +19 -18
- package/build/module/sdk/Dependencies/LocalDependency/parsers/parser.spec.js +194 -72
- package/build/module/tsconfig.module.tsbuildinfo +14 -10
- package/package.json +4 -7
|
@@ -1092,7 +1092,7 @@
|
|
|
1092
1092
|
"affectsGlobalScope": false
|
|
1093
1093
|
},
|
|
1094
1094
|
"../../src/sdk/Dependencies/LocalDependency/parsers/npmParser.ts": {
|
|
1095
|
-
"version": "
|
|
1095
|
+
"version": "be0319b96ae93f9db7702bb5b5520f5dc72bd958fbc2b87ff7107857614c01a9",
|
|
1096
1096
|
"signature": "42f317f68c7debfec90d4435f03d13069d06e1150e89d09041951cc4da9c49b2",
|
|
1097
1097
|
"affectsGlobalScope": false
|
|
1098
1098
|
},
|
|
@@ -1277,8 +1277,8 @@
|
|
|
1277
1277
|
"affectsGlobalScope": false
|
|
1278
1278
|
},
|
|
1279
1279
|
"../../node_modules/commander/typings/index.d.ts": {
|
|
1280
|
-
"version": "
|
|
1281
|
-
"signature": "
|
|
1280
|
+
"version": "17d716b12c230355d207d8b464a3359e13041c0cbb94c243981618e279f57670",
|
|
1281
|
+
"signature": "17d716b12c230355d207d8b464a3359e13041c0cbb94c243981618e279f57670",
|
|
1282
1282
|
"affectsGlobalScope": false
|
|
1283
1283
|
},
|
|
1284
1284
|
"../../src/sdk/Filtering/DefaultFilterForDependencies.ts": {
|
|
@@ -1301,11 +1301,6 @@
|
|
|
1301
1301
|
"signature": "9a00c2707323b806220877e6528108811ed92e580922d77a8ba1959b85fbb474",
|
|
1302
1302
|
"affectsGlobalScope": false
|
|
1303
1303
|
},
|
|
1304
|
-
"../../src/cli/commands/wfp.ts": {
|
|
1305
|
-
"version": "fef1a2ff5e663791d133f13a140e8ba3792dc38ffcb14de0e349e532efe9fe35",
|
|
1306
|
-
"signature": "2f1d9f3ac804ba0f5ef9dfb34eebc0ba9f00e5cd98092ae23f3d50fc49de8298",
|
|
1307
|
-
"affectsGlobalScope": false
|
|
1308
|
-
},
|
|
1309
1304
|
"../../src/sdk/Filtering/DefaultFilterForScanning.ts": {
|
|
1310
1305
|
"version": "ae3781cbda782d3df2233dbeef699b57a83699b0d26f97428eda0131dbe84d27",
|
|
1311
1306
|
"signature": "71cf507f6a0fa25a562580e98861acf1c8881b649bdecc50e9e10bbac57eb149",
|
|
@@ -1326,8 +1321,13 @@
|
|
|
1326
1321
|
"signature": "f2270f14186fb9298c65d83f391db3cefc5e9c40bfae8007515176acc583e131",
|
|
1327
1322
|
"affectsGlobalScope": false
|
|
1328
1323
|
},
|
|
1324
|
+
"../../src/cli/commands/wfp.ts": {
|
|
1325
|
+
"version": "fef1a2ff5e663791d133f13a140e8ba3792dc38ffcb14de0e349e532efe9fe35",
|
|
1326
|
+
"signature": "2f1d9f3ac804ba0f5ef9dfb34eebc0ba9f00e5cd98092ae23f3d50fc49de8298",
|
|
1327
|
+
"affectsGlobalScope": false
|
|
1328
|
+
},
|
|
1329
1329
|
"../../src/cli/bin/cli-bin.ts": {
|
|
1330
|
-
"version": "
|
|
1330
|
+
"version": "bd298bd7315359eae4141d98632734131eaac891587c80581e0024517b9f9e2a",
|
|
1331
1331
|
"signature": "43e818adf60173644896298637f47b01d5819b17eda46eaa32d0c7d64724d012",
|
|
1332
1332
|
"affectsGlobalScope": false
|
|
1333
1333
|
},
|
|
@@ -1342,7 +1342,7 @@
|
|
|
1342
1342
|
"affectsGlobalScope": false
|
|
1343
1343
|
},
|
|
1344
1344
|
"../../src/sdk/Dependencies/LocalDependency/parsers/parser.spec.ts": {
|
|
1345
|
-
"version": "
|
|
1345
|
+
"version": "d46b1756e93abe52b1cb49f9086d6b803b9b155ae2f63e856c21ba2409ec1d5c",
|
|
1346
1346
|
"signature": "8e609bb71c20b858c77f0e9f90bb1319db8477b13f9f965f1a1e18524bf50881",
|
|
1347
1347
|
"affectsGlobalScope": false
|
|
1348
1348
|
},
|
|
@@ -2687,7 +2687,11 @@
|
|
|
2687
2687
|
"../../node_modules/@types/chai/index.d.ts",
|
|
2688
2688
|
"../../node_modules/@types/node/util.d.ts",
|
|
2689
2689
|
"../../src/sdk/Dependencies/LocalDependency/DependencyTypes.ts",
|
|
2690
|
+
"../../src/sdk/Dependencies/LocalDependency/parsers/buildGradleParser.ts",
|
|
2691
|
+
"../../src/sdk/Dependencies/LocalDependency/parsers/golangParser.ts",
|
|
2690
2692
|
"../../src/sdk/Dependencies/LocalDependency/parsers/mavenParser.ts",
|
|
2693
|
+
"../../src/sdk/Dependencies/LocalDependency/parsers/npmParser.ts",
|
|
2694
|
+
"../../src/sdk/Dependencies/LocalDependency/parsers/nugetParser.ts",
|
|
2691
2695
|
"../../src/sdk/Dependencies/LocalDependency/parsers/python/PyProjectToml.ts"
|
|
2692
2696
|
],
|
|
2693
2697
|
"../../src/sdk/Dependencies/LocalDependency/parsers/pyParser.ts": [
|
|
@@ -1,75 +1,76 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
|
-
import {
|
|
3
|
-
import {
|
|
4
|
-
import {
|
|
5
|
-
import { scanHandler } from
|
|
6
|
-
import {
|
|
2
|
+
import { Argument, Command, Option } from "commander";
|
|
3
|
+
import { Utils } from "../../sdk/Utils/Utils";
|
|
4
|
+
import { depHandler } from "../commands/dep";
|
|
5
|
+
import { scanHandler } from "../commands/scan";
|
|
6
|
+
import { wfpHandler } from "../commands/wfp";
|
|
7
7
|
function CLIErrorHandler(e) {
|
|
8
|
-
console.error(
|
|
8
|
+
console.error(" ");
|
|
9
9
|
console.error(e);
|
|
10
10
|
process.exit(1);
|
|
11
11
|
}
|
|
12
12
|
async function main() {
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
.option('-v, --verbose', 'Makes scan operation verbose')
|
|
43
|
-
.action((source, options) => {
|
|
13
|
+
const scan = new Command("scan");
|
|
14
|
+
scan.addArgument(new Argument("<source>"));
|
|
15
|
+
scan.description("Scan a folder/file");
|
|
16
|
+
scan.addHelpText("after", "Example:\n$ scanoss-js scan -o scan-output.json <source-folder>");
|
|
17
|
+
scan.addOption(new Option("-w, --wfp", "Scan a .wfp file instead of a folder"));
|
|
18
|
+
scan.addOption(new Option("-H, --hpsm", "Scan using winnowing high precision matching"));
|
|
19
|
+
scan.addOption(new Option("-x, --extract", "Extract compressed files before launch scan in folder <<zip_name>>-unzipped"));
|
|
20
|
+
scan.addOption(new Option(" --extract-overwrite", "Overwrite folder when decompressing if exists"));
|
|
21
|
+
scan.addOption(new Option(" --extract-deep <number>", "Sets uncompress recursion level"));
|
|
22
|
+
scan.addOption(new Option(" --extract-suffix <suffix>", "Sets suffix for the folder name"));
|
|
23
|
+
scan.addOption(new Option("-c, --concurrency <number>", "Number of concurrent connections to use while scanning (optional -default 10)"));
|
|
24
|
+
scan.addOption(new Option("-n, --ignore <ignore>", "Ignore components specified in the SBOM file"));
|
|
25
|
+
scan.addOption(new Option("-o, --output <filename>", "Output result file name (optional - default stdout)"));
|
|
26
|
+
scan.addOption(new Option("-f, --format <format>", "Result output format").choices(["json", "html"]));
|
|
27
|
+
scan.addOption(new Option("-F, --flags <flags>", "Scanning engine flags (1: disable snippet matching, 2 enable snippet ids, 4: disable dependencies, 8: disable licenses, 16: disable copyrights,32: disable vulnerabilities, 64: disable quality, 128: disable cryptography,256: disable best match, 512: Report identified files)"));
|
|
28
|
+
scan.addOption(new Option("-P, --post-size postsize>", "Number of kilobytes to limit the post to while scanning (optional - default 32)"));
|
|
29
|
+
scan.addOption(new Option("-R, --max-retry <retry>", "Max number of retries for each POST (optional -default 5)"));
|
|
30
|
+
scan.addOption(new Option("-M, --timeout <timeout>", "Timeout (in seconds) for API communication (optional -default 120)"));
|
|
31
|
+
scan.addOption(new Option(" --obfuscate", "Obfuscate fingerprints"));
|
|
32
|
+
scan.addOption(new Option("-D, --dependencies", "Add dependency scanning"));
|
|
33
|
+
scan.addOption(new Option(" --apiurl <apiurl>", "SCANOSS API URL (optional - default: https://osskb.org/api/scan/direct)"));
|
|
34
|
+
scan.addOption(new Option(" --api2url <api2url>", "SCANOSS gRPC API 2.0 URL (optional - default: scanoss.com:443)"));
|
|
35
|
+
scan.addOption(new Option("-k, --key <key>", "SCANOSS API Key token (optional - not required for default OSSKB URL)"));
|
|
36
|
+
scan.addOption(new Option(" --ignore-cert-errors", "Ignore self signed certificate errors"));
|
|
37
|
+
scan.addOption(new Option(" --ca-cert <cert>", "Specify a path for a cert used in SSL/TLS connection"));
|
|
38
|
+
scan.addOption(new Option(" --proxy <proxy>", "Proxy URL to use for connections (optional). Can also use the environment variable \"HTTPS_PROXY=[ip]:[port]\" and \"grcp_proxy=[ip]:[port]\" for gRPC"));
|
|
39
|
+
scan.addOption(new Option(" --pac <pac>", "Proxy auto configuration (optional). Specify a file, http url or ftp url"));
|
|
40
|
+
scan.addOption(new Option("-v, --verbose", "Makes scan operation verbose"));
|
|
41
|
+
scan.action((source, options) => {
|
|
44
42
|
scanHandler(source, options).catch((e) => {
|
|
45
43
|
CLIErrorHandler(e);
|
|
46
44
|
});
|
|
47
|
-
})
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
.option('-o, --output <filename>', 'Output result file name (optional - default stdout)')
|
|
55
|
-
.option('-a, --grpc-host <host>', 'SCANOSS GRPC HOST (optional - default: scanoss.com:443)')
|
|
56
|
-
.action((source, options) => {
|
|
45
|
+
});
|
|
46
|
+
const dependencies = new Command("dep");
|
|
47
|
+
dependencies.description("Scan for dependencies");
|
|
48
|
+
dependencies.addArgument(new Argument("<source>"));
|
|
49
|
+
dependencies.addOption(new Option("-o, --output <filename>", "Output result file name (optional - default stdout)"));
|
|
50
|
+
dependencies.addOption(new Option("-a, --grpc-host <host>", "SCANOSS GRPC HOST (optional - default: scanoss.com:443)"));
|
|
51
|
+
dependencies.action((source, options) => {
|
|
57
52
|
depHandler(source, options).catch((e) => {
|
|
58
53
|
CLIErrorHandler(e);
|
|
59
54
|
});
|
|
60
55
|
});
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
56
|
+
const fingerprint = new Command("wfp");
|
|
57
|
+
fingerprint.addArgument(new Argument("<source>"));
|
|
58
|
+
fingerprint.description("Generates fingerprints for a folder/file");
|
|
59
|
+
fingerprint.addOption(new Option("-H, --hpsm", "Scan using winnowing high precision matching"));
|
|
60
|
+
fingerprint.addOption(new Option("--obfuscate", "Obfuscate fingerprints"));
|
|
61
|
+
fingerprint.addOption(new Option("-o, --output <filename>", "Output result file name (optional - default stdout)"));
|
|
62
|
+
fingerprint.addOption(new Option("-p, --block-size <size>", "Maximum size in Kb for each fingerprint block (optional - default 64Kb)"));
|
|
63
|
+
fingerprint.action((source, options) => {
|
|
69
64
|
wfpHandler(source, options).catch((e) => {
|
|
70
65
|
CLIErrorHandler(e);
|
|
71
66
|
});
|
|
72
67
|
});
|
|
68
|
+
const program = new Command();
|
|
69
|
+
program.version(Utils.getPackageVersion());
|
|
70
|
+
program.description("The SCANOSS JS package provides a simple, easy to consume module for interacting with SCANOSS APIs/Engine.");
|
|
71
|
+
program.addCommand(scan);
|
|
72
|
+
program.addCommand(dependencies);
|
|
73
|
+
program.addCommand(fingerprint);
|
|
73
74
|
await program.parseAsync(process.argv);
|
|
74
75
|
}
|
|
75
76
|
try {
|
|
@@ -79,4 +80,4 @@ catch (e) {
|
|
|
79
80
|
console.error(e);
|
|
80
81
|
process.exit(1);
|
|
81
82
|
}
|
|
82
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
83
|
+
//# sourceMappingURL=data:application/json;base64,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
|
|
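Review bot: The `--post-size` option at new line 28 of cli-bin.js is declared as `"-P, --post-size postsize>"`, missing the opening `<`; commander decides whether an option takes a value from the presence of `<` or `[` in the flags string, so as written `-P` is parsed as a boolean switch and the kilobyte limit given after it is not consumed as its value. The line should read `scan.addOption(new Option("-P, --post-size <postsize>", "Number of kilobytes to limit the post to while scanning (optional - default 32)"));`. The same typo presumably exists in the sibling build/module copy of cli-bin.js and in the cli-bin.ts source it is compiled from, which is where the fix belongs rather than in the built output. Separately, `-k, --key <key>` takes the SCANOSS API key on the command line, where it is visible in process listings and shell history; the help text could point users to a less exposed way of supplying it if the handler supports one.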
@@ -1,9 +1,9 @@
|
|
|
1
1
|
import path from "path";
|
|
2
2
|
import { PackageURL } from "packageurl-js";
|
|
3
|
-
const PURL_TYPE =
|
|
3
|
+
const PURL_TYPE = "npm";
|
|
4
4
|
// Parse a package.json file from node projects
|
|
5
5
|
// See reference on: https://docs.npmjs.com/cli/v8/configuring-npm/package-json
|
|
6
|
-
const MANIFEST_FILE =
|
|
6
|
+
const MANIFEST_FILE = "package.json";
|
|
7
7
|
export function packageParser(fileContent, filePath) {
|
|
8
8
|
// If the file is not manifest file, return an empty results
|
|
9
9
|
const results = { file: filePath, purls: [] };
|
|
@@ -24,9 +24,10 @@ export function packageParser(fileContent, filePath) {
|
|
|
24
24
|
}
|
|
25
25
|
// Parse a package-lock.json file from node projects
|
|
26
26
|
// See reference on: https://docs.npmjs.com/cli/v8/configuring-npm/package-json
|
|
27
|
+
const dRegex = new RegExp(/.*node_modules\/((?<scope>@.*)\/)?(?<p_name>.*)$/);
|
|
27
28
|
export function packagelockParser(fileContent, filePath) {
|
|
28
29
|
const results = { file: filePath, purls: [] };
|
|
29
|
-
if (path.basename(filePath) !=
|
|
30
|
+
if (path.basename(filePath) != "package-lock.json")
|
|
30
31
|
return Promise.resolve(results);
|
|
31
32
|
const packages = JSON.parse(fileContent)?.packages;
|
|
32
33
|
if (!packages)
|
|
@@ -34,17 +35,16 @@ export function packagelockParser(fileContent, filePath) {
|
|
|
34
35
|
for (const [key, value] of Object.entries(packages)) {
|
|
35
36
|
if (!key)
|
|
36
37
|
continue;
|
|
37
|
-
const
|
|
38
|
-
|
|
39
|
-
let
|
|
40
|
-
let req = value['version'];
|
|
38
|
+
const dep = key.match(dRegex);
|
|
39
|
+
let purl = new PackageURL(PURL_TYPE, dep.groups.scope, dep.groups.p_name, undefined, undefined, undefined).toString();
|
|
40
|
+
let req = value["version"];
|
|
41
41
|
results.purls.push({ purl: purl, requirement: req });
|
|
42
42
|
}
|
|
43
43
|
return Promise.resolve(results);
|
|
44
44
|
}
|
|
45
45
|
export function yarnLockParser(fileContent, filePath) {
|
|
46
46
|
const results = { file: filePath, purls: [] };
|
|
47
|
-
if (path.basename(filePath) !=
|
|
47
|
+
if (path.basename(filePath) != "yarn.lock")
|
|
48
48
|
return Promise.resolve(results);
|
|
49
49
|
const yarnVersion = yarnLockRecognizeVersion(fileContent);
|
|
50
50
|
if (yarnVersion === YarnLockVersionEnum.V1)
|
|
@@ -73,9 +73,9 @@ var YarnLockVersionEnum;
|
|
|
73
73
|
export function yarnLockRecognizeVersion(fileContent) {
|
|
74
74
|
const yarn = fileContent.split("\n", 10); //Check only the first 10 lines;
|
|
75
75
|
for (const line of yarn) {
|
|
76
|
-
if (line.includes(
|
|
76
|
+
if (line.includes("__metadata:"))
|
|
77
77
|
return YarnLockVersionEnum.V2;
|
|
78
|
-
if (line.includes(
|
|
78
|
+
if (line.includes("yarn lockfile v1"))
|
|
79
79
|
return YarnLockVersionEnum.V1;
|
|
80
80
|
}
|
|
81
81
|
return YarnLockVersionEnum.UnknownYarnLockFormat;
|
|
@@ -104,18 +104,19 @@ export function yarnLockV1Parser(fileContent, filePath) {
|
|
|
104
104
|
for (const dep_line of dep_lines) {
|
|
105
105
|
// Clean comments and empty lines
|
|
106
106
|
const trimmed = dep_line.trim();
|
|
107
|
-
const comment = trimmed.startsWith(
|
|
107
|
+
const comment = trimmed.startsWith("#");
|
|
108
108
|
if (!trimmed || comment)
|
|
109
109
|
continue;
|
|
110
110
|
// Do nothing with it's own dependencies
|
|
111
111
|
// "@babel/code-frame" "^7.0.0"
|
|
112
112
|
// "@babel/generator" "^7.3.4"
|
|
113
|
-
if (dep_line.startsWith(
|
|
113
|
+
if (dep_line.startsWith(" ".repeat(4))) {
|
|
114
|
+
}
|
|
114
115
|
// version "7.3.4"
|
|
115
116
|
// resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.3.4.tgz#921a5a13746c21e32445bf0798680e9d11a6530b"
|
|
116
117
|
// integrity sha512-jRsuseXBo9pN197KnDwhhaaBzyZr2oIcLHHTt2oDdQrej5Qp57dCCJafWx5ivU8/alEYDpssYqv1MUqcxwQlrA==
|
|
117
118
|
// dependencies:
|
|
118
|
-
else if (dep_line.startsWith(
|
|
119
|
+
else if (dep_line.startsWith(" ".repeat(2))) {
|
|
119
120
|
const dep = trimmed.split(" ");
|
|
120
121
|
const key = dep[0].trim();
|
|
121
122
|
if (key !== "dependencies:" && key !== "optionalDependencies:") {
|
|
@@ -124,7 +125,7 @@ export function yarnLockV1Parser(fileContent, filePath) {
|
|
|
124
125
|
}
|
|
125
126
|
// the first line of a dependency has the name and requirements
|
|
126
127
|
//"@babel/core@^7.1.0", "@babel/core@^7.3.4":
|
|
127
|
-
else if (!dep_line.startsWith(
|
|
128
|
+
else if (!dep_line.startsWith(" ")) {
|
|
128
129
|
const dep = dep_line.replace(/:/g, "").split(",");
|
|
129
130
|
const requirements = dep.map(line => line.trim().replace(/"|'/g, ""));
|
|
130
131
|
for (const req of requirements) {
|
|
@@ -132,7 +133,7 @@ export function yarnLockV1Parser(fileContent, filePath) {
|
|
|
132
133
|
let constraint = req.slice(atIndex + 1); // gets ^7.1.0
|
|
133
134
|
constraint = constraint.replace(/"|'/g, "");
|
|
134
135
|
const ns_name = req.slice(0, atIndex);
|
|
135
|
-
let ns =
|
|
136
|
+
let ns = "";
|
|
136
137
|
let name = ns_name;
|
|
137
138
|
if (ns_name.includes("/")) {
|
|
138
139
|
const slashIndex = req.lastIndexOf("/");
|
|
@@ -154,9 +155,9 @@ export function yarnLockV1Parser(fileContent, filePath) {
|
|
|
154
155
|
const topRequirement = topRequirements[0];
|
|
155
156
|
const namespace = topRequirement.ns;
|
|
156
157
|
const name = topRequirement.name;
|
|
157
|
-
const version = dependencyData[
|
|
158
|
+
const version = dependencyData["version"];
|
|
158
159
|
const purl = new PackageURL(PURL_TYPE, namespace, name, version, undefined, undefined).toString();
|
|
159
|
-
let requirement =
|
|
160
|
+
let requirement = "";
|
|
160
161
|
for (const topRequirement of topRequirements) {
|
|
161
162
|
requirement += topRequirement.constraint + ", ";
|
|
162
163
|
}
|
|
@@ -172,4 +173,4 @@ export function yarnLockV2Parser(fileContent, filePath) {
|
|
|
172
173
|
const results = { file: filePath, purls: [] };
|
|
173
174
|
return Promise.resolve(results);
|
|
174
175
|
}
|
|
175
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
176
|
+
//# sourceMappingURL=data:application/json;base64,
|
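Review bot: In the `@@ -34,17 +35,16 @@` hunk of packagelockParser, `const dep = key.match(dRegex);` at new line 38 is dereferenced on the next line without a null check, and `dRegex` only matches keys containing `node_modules/`; a lockfile v2/v3 `packages` map can also carry workspace entries keyed by their folder path (e.g. `packages/foo`), for which `match` returns `null` and `dep.groups.scope` throws a TypeError that rejects the whole parse. Add `if (!dep) continue;` directly after the match so such entries are skipped the same way the root `""` key already is. packagelockParser begins in the previous hunk, outside this one. Minor: the new comparisons `path.basename(filePath) != "package-lock.json"` and `!= "yarn.lock"` should use `!==`, matching `key !== "dependencies:"` further down in the same file.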