verimu 0.0.15 → 0.0.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/dist/{cli.js → cli.mjs} +69 -2
  2. package/dist/cli.mjs.map +1 -0
  3. package/dist/index.cjs +70 -1
  4. package/dist/index.cjs.map +1 -1
  5. package/dist/index.d.cts +22 -1
  6. package/dist/index.d.ts +22 -1
  7. package/dist/index.mjs +69 -1
  8. package/dist/index.mjs.map +1 -1
  9. package/package.json +1 -1
  10. package/dist/cli.js.map +0 -1
package/dist/{cli.js → cli.mjs} RENAMED
@@ -16874,6 +16874,71 @@ var VerimuApiClient = class {
16874
16874
  }
16875
16875
  };
16876
16876
 
16877
+ // src/core/source.ts
16878
+ var CI_ENV_SIGNATURES = {
16879
+ // Generic CI marker (most CI systems set this)
16880
+ CI: "true",
16881
+ // GitHub Actions
16882
+ GITHUB_ACTIONS: "true",
16883
+ // GitLab CI
16884
+ GITLAB_CI: "true",
16885
+ // Bitbucket Pipelines
16886
+ BITBUCKET_BUILD_NUMBER: "*",
16887
+ // CircleCI
16888
+ CIRCLECI: "true",
16889
+ // Jenkins
16890
+ JENKINS_URL: "*",
16891
+ // Azure Pipelines
16892
+ TF_BUILD: "True",
16893
+ // Travis CI
16894
+ TRAVIS: "true",
16895
+ // TeamCity
16896
+ TEAMCITY_VERSION: "*",
16897
+ // AWS CodeBuild
16898
+ CODEBUILD_BUILD_ID: "*",
16899
+ // Drone CI
16900
+ DRONE: "true",
16901
+ // Buildkite
16902
+ BUILDKITE: "true",
16903
+ // Vercel
16904
+ VERCEL: "1",
16905
+ // Netlify
16906
+ NETLIFY: "true",
16907
+ // Heroku CI
16908
+ HEROKU_TEST_RUN_ID: "*",
16909
+ // Semaphore CI
16910
+ SEMAPHORE: "true",
16911
+ // AppVeyor
16912
+ APPVEYOR: "True",
16913
+ // Woodpecker CI
16914
+ CI_PIPELINE_ID: "*"
16915
+ };
16916
+ function isInCiEnvironment() {
16917
+ for (const [envVar, expectedValue] of Object.entries(CI_ENV_SIGNATURES)) {
16918
+ const actualValue = process.env[envVar];
16919
+ if (actualValue === void 0 || actualValue === "") {
16920
+ continue;
16921
+ }
16922
+ if (expectedValue === "*" || actualValue.toLowerCase() === expectedValue.toLowerCase()) {
16923
+ return true;
16924
+ }
16925
+ }
16926
+ return false;
16927
+ }
16928
+ function detectSource() {
16929
+ const explicitSource = process.env.VERIMU_SOURCE?.trim().toLowerCase();
16930
+ if (explicitSource) {
16931
+ if (explicitSource === "cicd" || explicitSource === "ci/cd" || explicitSource === "ci") {
16932
+ return "cicd";
16933
+ }
16934
+ return "cli";
16935
+ }
16936
+ if (isInCiEnvironment()) {
16937
+ return "cicd";
16938
+ }
16939
+ return "cli";
16940
+ }
16941
+
16877
16942
  // src/context/snippet-extractor.ts
16878
16943
  import { relative } from "path";
16879
16944
  var DEFAULT_NUM_CONTEXT_LINES = 4;
@@ -17721,6 +17786,7 @@ function deriveArtifactOutputPaths(cycloneDxOutput) {
17721
17786
  };
17722
17787
  }
17723
17788
  function buildUploadPayload(report) {
17789
+ const source = detectSource();
17724
17790
  if (!report.artifacts) {
17725
17791
  return report.sbom.content;
17726
17792
  }
@@ -17729,7 +17795,8 @@ function buildUploadPayload(report) {
17729
17795
  cyclonedx: JSON.parse(report.artifacts.cyclonedx.content),
17730
17796
  spdx: JSON.parse(report.artifacts.spdx.content),
17731
17797
  swid: report.artifacts.swid.content,
17732
- usage_context: usageContext
17798
+ usage_context: usageContext,
17799
+ meta: { source }
17733
17800
  };
17734
17801
  }
17735
17802
  function sanitizeUsageContextForUpload(usageContext) {
@@ -18064,4 +18131,4 @@ if (isDirectRun) {
18064
18131
  export {
18065
18132
  parseArgs
18066
18133
  };
18067
- //# sourceMappingURL=cli.js.map
18134
+ //# sourceMappingURL=cli.mjs.map