verimu 0.0.15 → 0.0.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{cli.js → cli.mjs} +71 -4
- package/dist/cli.mjs.map +1 -0
- package/dist/index.cjs +71 -2
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +22 -1
- package/dist/index.d.ts +22 -1
- package/dist/index.mjs +71 -3
- package/dist/index.mjs.map +1 -1
- package/package.json +2 -2
- package/dist/cli.js.map +0 -1
package/dist/{cli.js → cli.mjs}
RENAMED
|
@@ -16874,8 +16874,73 @@ var VerimuApiClient = class {
|
|
|
16874
16874
|
}
|
|
16875
16875
|
};
|
|
16876
16876
|
|
|
16877
|
+
// src/core/source.ts
|
|
16878
|
+
var CI_ENV_SIGNATURES = {
|
|
16879
|
+
// Generic CI marker (most CI systems set this)
|
|
16880
|
+
CI: "true",
|
|
16881
|
+
// GitHub Actions
|
|
16882
|
+
GITHUB_ACTIONS: "true",
|
|
16883
|
+
// GitLab CI
|
|
16884
|
+
GITLAB_CI: "true",
|
|
16885
|
+
// Bitbucket Pipelines
|
|
16886
|
+
BITBUCKET_BUILD_NUMBER: "*",
|
|
16887
|
+
// CircleCI
|
|
16888
|
+
CIRCLECI: "true",
|
|
16889
|
+
// Jenkins
|
|
16890
|
+
JENKINS_URL: "*",
|
|
16891
|
+
// Azure Pipelines
|
|
16892
|
+
TF_BUILD: "True",
|
|
16893
|
+
// Travis CI
|
|
16894
|
+
TRAVIS: "true",
|
|
16895
|
+
// TeamCity
|
|
16896
|
+
TEAMCITY_VERSION: "*",
|
|
16897
|
+
// AWS CodeBuild
|
|
16898
|
+
CODEBUILD_BUILD_ID: "*",
|
|
16899
|
+
// Drone CI
|
|
16900
|
+
DRONE: "true",
|
|
16901
|
+
// Buildkite
|
|
16902
|
+
BUILDKITE: "true",
|
|
16903
|
+
// Vercel
|
|
16904
|
+
VERCEL: "1",
|
|
16905
|
+
// Netlify
|
|
16906
|
+
NETLIFY: "true",
|
|
16907
|
+
// Heroku CI
|
|
16908
|
+
HEROKU_TEST_RUN_ID: "*",
|
|
16909
|
+
// Semaphore CI
|
|
16910
|
+
SEMAPHORE: "true",
|
|
16911
|
+
// AppVeyor
|
|
16912
|
+
APPVEYOR: "True",
|
|
16913
|
+
// Woodpecker CI
|
|
16914
|
+
CI_PIPELINE_ID: "*"
|
|
16915
|
+
};
|
|
16916
|
+
function isInCiEnvironment() {
|
|
16917
|
+
for (const [envVar, expectedValue] of Object.entries(CI_ENV_SIGNATURES)) {
|
|
16918
|
+
const actualValue = process.env[envVar];
|
|
16919
|
+
if (actualValue === void 0 || actualValue === "") {
|
|
16920
|
+
continue;
|
|
16921
|
+
}
|
|
16922
|
+
if (expectedValue === "*" || actualValue.toLowerCase() === expectedValue.toLowerCase()) {
|
|
16923
|
+
return true;
|
|
16924
|
+
}
|
|
16925
|
+
}
|
|
16926
|
+
return false;
|
|
16927
|
+
}
|
|
16928
|
+
function detectSource() {
|
|
16929
|
+
const explicitSource = process.env.VERIMU_SOURCE?.trim().toLowerCase();
|
|
16930
|
+
if (explicitSource) {
|
|
16931
|
+
if (explicitSource === "cicd" || explicitSource === "ci/cd" || explicitSource === "ci") {
|
|
16932
|
+
return "cicd";
|
|
16933
|
+
}
|
|
16934
|
+
return "cli";
|
|
16935
|
+
}
|
|
16936
|
+
if (isInCiEnvironment()) {
|
|
16937
|
+
return "cicd";
|
|
16938
|
+
}
|
|
16939
|
+
return "cli";
|
|
16940
|
+
}
|
|
16941
|
+
|
|
16877
16942
|
// src/context/snippet-extractor.ts
|
|
16878
|
-
import { relative } from "path";
|
|
16943
|
+
import { relative, sep } from "path";
|
|
16879
16944
|
var DEFAULT_NUM_CONTEXT_LINES = 4;
|
|
16880
16945
|
var MIN_CONTEXT_LINES = 0;
|
|
16881
16946
|
var MAX_CONTEXT_LINES = 20;
|
|
@@ -16905,7 +16970,7 @@ function buildSnippet(params) {
|
|
|
16905
16970
|
const endLine = Math.min(lines.length || 1, centerLine + numContextLines);
|
|
16906
16971
|
const code = lines.slice(startLine - 1, endLine).join("\n");
|
|
16907
16972
|
return {
|
|
16908
|
-
filePath: relative(projectPath, filePath),
|
|
16973
|
+
filePath: relative(projectPath, filePath).split(sep).join("/"),
|
|
16909
16974
|
startLine,
|
|
16910
16975
|
endLine,
|
|
16911
16976
|
code,
|
|
@@ -17721,6 +17786,7 @@ function deriveArtifactOutputPaths(cycloneDxOutput) {
|
|
|
17721
17786
|
};
|
|
17722
17787
|
}
|
|
17723
17788
|
function buildUploadPayload(report) {
|
|
17789
|
+
const source = detectSource();
|
|
17724
17790
|
if (!report.artifacts) {
|
|
17725
17791
|
return report.sbom.content;
|
|
17726
17792
|
}
|
|
@@ -17729,7 +17795,8 @@ function buildUploadPayload(report) {
|
|
|
17729
17795
|
cyclonedx: JSON.parse(report.artifacts.cyclonedx.content),
|
|
17730
17796
|
spdx: JSON.parse(report.artifacts.spdx.content),
|
|
17731
17797
|
swid: report.artifacts.swid.content,
|
|
17732
|
-
usage_context: usageContext
|
|
17798
|
+
usage_context: usageContext,
|
|
17799
|
+
meta: { source }
|
|
17733
17800
|
};
|
|
17734
17801
|
}
|
|
17735
17802
|
function sanitizeUsageContextForUpload(usageContext) {
|
|
@@ -18064,4 +18131,4 @@ if (isDirectRun) {
|
|
|
18064
18131
|
export {
|
|
18065
18132
|
parseArgs
|
|
18066
18133
|
};
|
|
18067
|
-
//# sourceMappingURL=cli.
|
|
18134
|
+
//# sourceMappingURL=cli.mjs.map
|