From 88a261c3628dc6dac1fd2b63218a716ce27aab17 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Fri, 3 May 2024 12:12:04 +0200 Subject: [PATCH] ci: use node22 (#1179) Signed-off-by: Jan Kowalleck --- .github/workflows/nodejs.yml | 4 +- .github/workflows/npm-ls_demo-results.yml | 50 +- .../npm-ls_npm10_node22_macos-latest.json | 1147 +++ .../npm-ls_npm10_node22_ubuntu-latest.json | 1147 +++ .../npm-ls_npm10_node22_windows-latest.json | 1147 +++ .../npm-ls_npm6_node22_macos-latest.json | 6759 +++++++++++++++++ .../npm-ls_npm6_node22_ubuntu-latest.json | 6759 +++++++++++++++++ .../npm-ls_npm6_node22_windows-latest.json | 6759 +++++++++++++++++ .../npm-ls_npm7_node22_macos-latest.json | 1096 +++ .../npm-ls_npm7_node22_ubuntu-latest.json | 1096 +++ .../npm-ls_npm7_node22_windows-latest.json | 1096 +++ .../npm-ls_npm8_node22_macos-latest.json | 1147 +++ .../npm-ls_npm8_node22_ubuntu-latest.json | 1147 +++ .../npm-ls_npm8_node22_windows-latest.json | 1147 +++ .../npm-ls_npm9_node22_macos-latest.json | 1147 +++ .../npm-ls_npm9_node22_ubuntu-latest.json | 1147 +++ .../npm-ls_npm9_node22_windows-latest.json | 1147 +++ .../npm-ls_npm10_node22_macos-latest.json | 135 + .../npm-ls_npm10_node22_ubuntu-latest.json | 135 + .../npm-ls_npm10_node22_windows-latest.json | 135 + .../npm-ls_npm6_node22_macos-latest.json | 839 ++ .../npm-ls_npm6_node22_ubuntu-latest.json | 839 ++ .../npm-ls_npm6_node22_windows-latest.json | 839 ++ .../npm-ls_npm7_node22_macos-latest.json | 130 + .../npm-ls_npm7_node22_ubuntu-latest.json | 130 + .../npm-ls_npm7_node22_windows-latest.json | 130 + .../npm-ls_npm8_node22_macos-latest.json | 135 + .../npm-ls_npm8_node22_ubuntu-latest.json | 135 + .../npm-ls_npm8_node22_windows-latest.json | 135 + .../npm-ls_npm9_node22_macos-latest.json | 135 + .../npm-ls_npm9_node22_ubuntu-latest.json | 135 + .../npm-ls_npm9_node22_windows-latest.json | 135 + .../npm-ls_npm10_node22_macos-latest.json | 61 + .../npm-ls_npm10_node22_ubuntu-latest.json | 61 + .../npm-ls_npm10_node22_windows-latest.json | 61 + .../npm-ls_npm6_node22_macos-latest.json | 157 + .../npm-ls_npm6_node22_ubuntu-latest.json | 157 + .../npm-ls_npm6_node22_windows-latest.json | 157 + .../npm-ls_npm7_node22_macos-latest.json | 58 + .../npm-ls_npm7_node22_ubuntu-latest.json | 58 + .../npm-ls_npm7_node22_windows-latest.json | 58 + .../npm-ls_npm8_node22_macos-latest.json | 61 + .../npm-ls_npm8_node22_ubuntu-latest.json | 61 + .../npm-ls_npm8_node22_windows-latest.json | 61 + .../npm-ls_npm9_node22_macos-latest.json | 61 + .../npm-ls_npm9_node22_ubuntu-latest.json | 61 + .../npm-ls_npm9_node22_windows-latest.json | 61 + .../npm-ls_npm10_node22_macos-latest.json | 103 + .../npm-ls_npm10_node22_ubuntu-latest.json | 103 + .../npm-ls_npm10_node22_windows-latest.json | 103 + .../npm-ls_npm7_node22_macos-latest.json | 100 + .../npm-ls_npm7_node22_ubuntu-latest.json | 100 + .../npm-ls_npm7_node22_windows-latest.json | 100 + .../npm-ls_npm8_node22_macos-latest.json | 103 + .../npm-ls_npm8_node22_ubuntu-latest.json | 103 + .../npm-ls_npm8_node22_windows-latest.json | 103 + .../npm-ls_npm9_node22_macos-latest.json | 103 + .../npm-ls_npm9_node22_ubuntu-latest.json | 103 + .../npm-ls_npm9_node22_windows-latest.json | 103 + .../npm-ls_npm10_node22_macos-latest.json | 97 + .../npm-ls_npm10_node22_ubuntu-latest.json | 97 + .../npm-ls_npm10_node22_windows-latest.json | 97 + .../npm-ls_npm6_node22_macos-latest.json | 531 ++ .../npm-ls_npm6_node22_ubuntu-latest.json | 531 ++ .../npm-ls_npm6_node22_windows-latest.json | 531 ++ .../npm-ls_npm7_node22_macos-latest.json | 92 + .../npm-ls_npm7_node22_ubuntu-latest.json | 92 + .../npm-ls_npm7_node22_windows-latest.json | 92 + .../npm-ls_npm8_node22_macos-latest.json | 97 + .../npm-ls_npm8_node22_ubuntu-latest.json | 97 + .../npm-ls_npm8_node22_windows-latest.json | 97 + .../npm-ls_npm9_node22_macos-latest.json | 97 + .../npm-ls_npm9_node22_ubuntu-latest.json | 97 + .../npm-ls_npm9_node22_windows-latest.json | 97 + .../npm-ls_npm10_node22_macos-latest.json | 13 + .../npm-ls_npm10_node22_ubuntu-latest.json | 13 + .../npm-ls_npm10_node22_windows-latest.json | 13 + .../npm-ls_npm6_node22_macos-latest.json | 21 + .../npm-ls_npm6_node22_ubuntu-latest.json | 21 + .../npm-ls_npm6_node22_windows-latest.json | 21 + .../npm-ls_npm7_node22_macos-latest.json | 13 + .../npm-ls_npm7_node22_ubuntu-latest.json | 13 + .../npm-ls_npm7_node22_windows-latest.json | 13 + .../npm-ls_npm8_node22_macos-latest.json | 13 + .../npm-ls_npm8_node22_ubuntu-latest.json | 13 + .../npm-ls_npm8_node22_windows-latest.json | 13 + .../npm-ls_npm9_node22_macos-latest.json | 13 + .../npm-ls_npm9_node22_ubuntu-latest.json | 13 + .../npm-ls_npm9_node22_windows-latest.json | 13 + ...encies_npm10_node22_macos-latest.snap.json | 1593 ++++ ...ncies_npm10_node22_ubuntu-latest.snap.json | 1593 ++++ ...cies_npm10_node22_windows-latest.snap.json | 1593 ++++ ...dencies_npm6_node22_macos-latest.snap.json | 2813 +++++++ ...encies_npm6_node22_ubuntu-latest.snap.json | 2813 +++++++ ...ncies_npm6_node22_windows-latest.snap.json | 2813 +++++++ ...dencies_npm7_node22_macos-latest.snap.json | 1593 ++++ ...encies_npm7_node22_ubuntu-latest.snap.json | 1593 ++++ ...ncies_npm7_node22_windows-latest.snap.json | 1593 ++++ ...dencies_npm8_node22_macos-latest.snap.json | 1593 ++++ ...encies_npm8_node22_ubuntu-latest.snap.json | 1593 ++++ ...ncies_npm8_node22_windows-latest.snap.json | 1593 ++++ ...dencies_npm9_node22_macos-latest.snap.json | 1593 ++++ ...encies_npm9_node22_ubuntu-latest.snap.json | 1593 ++++ ...ncies_npm9_node22_windows-latest.snap.json | 1593 ++++ ...encies_npm10_node22_macos-latest.snap.json | 269 + ...ncies_npm10_node22_ubuntu-latest.snap.json | 269 + ...cies_npm10_node22_windows-latest.snap.json | 269 + ...dencies_npm6_node22_macos-latest.snap.json | 374 + ...encies_npm6_node22_ubuntu-latest.snap.json | 374 + ...ncies_npm6_node22_windows-latest.snap.json | 374 + ...dencies_npm7_node22_macos-latest.snap.json | 269 + ...encies_npm7_node22_ubuntu-latest.snap.json | 269 + ...ncies_npm7_node22_windows-latest.snap.json | 269 + ...dencies_npm8_node22_macos-latest.snap.json | 269 + ...encies_npm8_node22_ubuntu-latest.snap.json | 269 + ...ncies_npm8_node22_windows-latest.snap.json | 269 + ...dencies_npm9_node22_macos-latest.snap.json | 269 + ...encies_npm9_node22_ubuntu-latest.snap.json | 269 + ...ncies_npm9_node22_windows-latest.snap.json | 269 + ...encies_npm10_node22_macos-latest.snap.json | 166 + ...ncies_npm10_node22_ubuntu-latest.snap.json | 166 + ...cies_npm10_node22_windows-latest.snap.json | 166 + ...dencies_npm6_node22_macos-latest.snap.json | 179 + ...encies_npm6_node22_ubuntu-latest.snap.json | 179 + ...ncies_npm6_node22_windows-latest.snap.json | 179 + ...dencies_npm7_node22_macos-latest.snap.json | 166 + ...encies_npm7_node22_ubuntu-latest.snap.json | 166 + ...ncies_npm7_node22_windows-latest.snap.json | 166 + ...dencies_npm8_node22_macos-latest.snap.json | 166 + ...encies_npm8_node22_ubuntu-latest.snap.json | 166 + ...ncies_npm8_node22_windows-latest.snap.json | 166 + ...dencies_npm9_node22_macos-latest.snap.json | 166 + ...encies_npm9_node22_ubuntu-latest.snap.json | 166 + ...ncies_npm9_node22_windows-latest.snap.json | 166 + ...spaces_npm10_node22_macos-latest.snap.json | 171 + ...paces_npm10_node22_ubuntu-latest.snap.json | 171 + ...aces_npm10_node22_windows-latest.snap.json | 171 + ...kspaces_npm7_node22_macos-latest.snap.json | 171 + ...spaces_npm7_node22_ubuntu-latest.snap.json | 171 + ...paces_npm7_node22_windows-latest.snap.json | 171 + ...kspaces_npm8_node22_macos-latest.snap.json | 171 + ...spaces_npm8_node22_ubuntu-latest.snap.json | 171 + ...paces_npm8_node22_windows-latest.snap.json | 171 + ...kspaces_npm9_node22_macos-latest.snap.json | 171 + ...spaces_npm9_node22_ubuntu-latest.snap.json | 171 + ...paces_npm9_node22_windows-latest.snap.json | 171 + ...egrity_npm10_node22_macos-latest.snap.json | 273 + ...grity_npm10_node22_ubuntu-latest.snap.json | 273 + ...rity_npm10_node22_windows-latest.snap.json | 273 + ...tegrity_npm6_node22_macos-latest.snap.json | 358 + ...egrity_npm6_node22_ubuntu-latest.snap.json | 358 + ...grity_npm6_node22_windows-latest.snap.json | 358 + ...tegrity_npm7_node22_macos-latest.snap.json | 273 + ...egrity_npm7_node22_ubuntu-latest.snap.json | 273 + ...grity_npm7_node22_windows-latest.snap.json | 273 + ...tegrity_npm8_node22_macos-latest.snap.json | 273 + ...egrity_npm8_node22_ubuntu-latest.snap.json | 273 + ...grity_npm8_node22_windows-latest.snap.json | 273 + ...tegrity_npm9_node22_macos-latest.snap.json | 273 + ...egrity_npm9_node22_ubuntu-latest.snap.json | 273 + ...grity_npm9_node22_windows-latest.snap.json | 273 + ...ild-id_npm10_node22_macos-latest.snap.json | 89 + ...ld-id_npm10_node22_ubuntu-latest.snap.json | 89 + ...d-id_npm10_node22_windows-latest.snap.json | 89 + ...uild-id_npm6_node22_macos-latest.snap.json | 89 + ...ild-id_npm6_node22_ubuntu-latest.snap.json | 89 + ...ld-id_npm6_node22_windows-latest.snap.json | 89 + ...uild-id_npm7_node22_macos-latest.snap.json | 89 + ...ild-id_npm7_node22_ubuntu-latest.snap.json | 89 + ...ld-id_npm7_node22_windows-latest.snap.json | 89 + ...uild-id_npm8_node22_macos-latest.snap.json | 89 + ...ild-id_npm8_node22_ubuntu-latest.snap.json | 89 + ...ld-id_npm8_node22_windows-latest.snap.json | 89 + ...uild-id_npm9_node22_macos-latest.snap.json | 89 + ...ild-id_npm9_node22_ubuntu-latest.snap.json | 89 + ...ld-id_npm9_node22_windows-latest.snap.json | 89 + ...encies_npm10_node22_macos-latest.snap.json | 1591 ++++ ...ncies_npm10_node22_ubuntu-latest.snap.json | 1591 ++++ ...cies_npm10_node22_windows-latest.snap.json | 1591 ++++ ...dencies_npm6_node22_macos-latest.snap.json | 2811 +++++++ ...encies_npm6_node22_ubuntu-latest.snap.json | 2811 +++++++ ...ncies_npm6_node22_windows-latest.snap.json | 2811 +++++++ ...dencies_npm7_node22_macos-latest.snap.json | 1591 ++++ ...encies_npm7_node22_ubuntu-latest.snap.json | 1591 ++++ ...ncies_npm7_node22_windows-latest.snap.json | 1591 ++++ ...dencies_npm8_node22_macos-latest.snap.json | 1591 ++++ ...encies_npm8_node22_ubuntu-latest.snap.json | 1591 ++++ ...ncies_npm8_node22_windows-latest.snap.json | 1591 ++++ ...dencies_npm9_node22_macos-latest.snap.json | 1591 ++++ ...encies_npm9_node22_ubuntu-latest.snap.json | 1591 ++++ ...ncies_npm9_node22_windows-latest.snap.json | 1591 ++++ ...encies_npm10_node22_macos-latest.snap.json | 269 + ...ncies_npm10_node22_ubuntu-latest.snap.json | 269 + ...cies_npm10_node22_windows-latest.snap.json | 269 + ...dencies_npm6_node22_macos-latest.snap.json | 374 + ...encies_npm6_node22_ubuntu-latest.snap.json | 374 + ...ncies_npm6_node22_windows-latest.snap.json | 374 + ...dencies_npm7_node22_macos-latest.snap.json | 269 + ...encies_npm7_node22_ubuntu-latest.snap.json | 269 + ...ncies_npm7_node22_windows-latest.snap.json | 269 + ...dencies_npm8_node22_macos-latest.snap.json | 269 + ...encies_npm8_node22_ubuntu-latest.snap.json | 269 + ...ncies_npm8_node22_windows-latest.snap.json | 269 + ...dencies_npm9_node22_macos-latest.snap.json | 269 + ...encies_npm9_node22_ubuntu-latest.snap.json | 269 + ...ncies_npm9_node22_windows-latest.snap.json | 269 + ...encies_npm10_node22_macos-latest.snap.json | 166 + ...ncies_npm10_node22_ubuntu-latest.snap.json | 166 + ...cies_npm10_node22_windows-latest.snap.json | 166 + ...dencies_npm6_node22_macos-latest.snap.json | 179 + ...encies_npm6_node22_ubuntu-latest.snap.json | 179 + ...ncies_npm6_node22_windows-latest.snap.json | 179 + ...dencies_npm7_node22_macos-latest.snap.json | 166 + ...encies_npm7_node22_ubuntu-latest.snap.json | 166 + ...ncies_npm7_node22_windows-latest.snap.json | 166 + ...dencies_npm8_node22_macos-latest.snap.json | 166 + ...encies_npm8_node22_ubuntu-latest.snap.json | 166 + ...ncies_npm8_node22_windows-latest.snap.json | 166 + ...dencies_npm9_node22_macos-latest.snap.json | 166 + ...encies_npm9_node22_ubuntu-latest.snap.json | 166 + ...ncies_npm9_node22_windows-latest.snap.json | 166 + ...spaces_npm10_node22_macos-latest.snap.json | 171 + ...paces_npm10_node22_ubuntu-latest.snap.json | 171 + ...aces_npm10_node22_windows-latest.snap.json | 171 + ...kspaces_npm7_node22_macos-latest.snap.json | 171 + ...spaces_npm7_node22_ubuntu-latest.snap.json | 171 + ...paces_npm7_node22_windows-latest.snap.json | 171 + ...kspaces_npm8_node22_macos-latest.snap.json | 171 + ...spaces_npm8_node22_ubuntu-latest.snap.json | 171 + ...paces_npm8_node22_windows-latest.snap.json | 171 + ...kspaces_npm9_node22_macos-latest.snap.json | 171 + ...spaces_npm9_node22_ubuntu-latest.snap.json | 171 + ...paces_npm9_node22_windows-latest.snap.json | 171 + ...egrity_npm10_node22_macos-latest.snap.json | 271 + ...grity_npm10_node22_ubuntu-latest.snap.json | 271 + ...rity_npm10_node22_windows-latest.snap.json | 271 + ...tegrity_npm6_node22_macos-latest.snap.json | 356 + ...egrity_npm6_node22_ubuntu-latest.snap.json | 356 + ...grity_npm6_node22_windows-latest.snap.json | 356 + ...tegrity_npm7_node22_macos-latest.snap.json | 271 + ...egrity_npm7_node22_ubuntu-latest.snap.json | 271 + ...grity_npm7_node22_windows-latest.snap.json | 271 + ...tegrity_npm8_node22_macos-latest.snap.json | 271 + ...egrity_npm8_node22_ubuntu-latest.snap.json | 271 + ...grity_npm8_node22_windows-latest.snap.json | 271 + ...tegrity_npm9_node22_macos-latest.snap.json | 271 + ...egrity_npm9_node22_ubuntu-latest.snap.json | 271 + ...grity_npm9_node22_windows-latest.snap.json | 271 + ...ild-id_npm10_node22_macos-latest.snap.json | 89 + ...ld-id_npm10_node22_ubuntu-latest.snap.json | 89 + ...d-id_npm10_node22_windows-latest.snap.json | 89 + ...uild-id_npm6_node22_macos-latest.snap.json | 89 + ...ild-id_npm6_node22_ubuntu-latest.snap.json | 89 + ...ld-id_npm6_node22_windows-latest.snap.json | 89 + ...uild-id_npm7_node22_macos-latest.snap.json | 89 + ...ild-id_npm7_node22_ubuntu-latest.snap.json | 89 + ...ld-id_npm7_node22_windows-latest.snap.json | 89 + ...uild-id_npm8_node22_macos-latest.snap.json | 89 + ...ild-id_npm8_node22_ubuntu-latest.snap.json | 89 + ...ld-id_npm8_node22_windows-latest.snap.json | 89 + ...uild-id_npm9_node22_macos-latest.snap.json | 89 + ...ild-id_npm9_node22_ubuntu-latest.snap.json | 89 + ...ld-id_npm9_node22_windows-latest.snap.json | 89 + 263 files changed, 127714 insertions(+), 14 deletions(-) create mode 100644 tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm10_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm10_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm10_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm6_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm6_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm6_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm7_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm7_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm7_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm8_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm8_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm8_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm9_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm9_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm9_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm10_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm10_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm10_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm6_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm6_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm6_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm7_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm7_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm7_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm8_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm8_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm8_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm9_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm9_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm9_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm10_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm10_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm10_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm6_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm6_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm6_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm7_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm7_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm7_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm8_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm8_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm8_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm9_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm9_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm9_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm10_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm10_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm10_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm7_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm7_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm7_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm8_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm8_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm8_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm9_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm9_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm9_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm10_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm10_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm10_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm6_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm6_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm6_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm7_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm7_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm7_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm8_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm8_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm8_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm9_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm9_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm9_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm10_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm10_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm10_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm6_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm6_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm6_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm7_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm7_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm7_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm8_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm8_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm8_node22_windows-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm9_node22_macos-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm9_node22_ubuntu-latest.json create mode 100644 tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm9_node22_windows-latest.json create mode 100644 tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-integrity_npm10_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-integrity_npm10_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-integrity_npm10_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-integrity_npm6_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-integrity_npm6_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-integrity_npm6_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-integrity_npm7_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-integrity_npm7_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-integrity_npm7_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-integrity_npm8_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-integrity_npm8_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-integrity_npm8_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-integrity_npm9_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-integrity_npm9_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-integrity_npm9_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm6_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm6_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm6_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm7_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm7_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm7_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm8_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm8_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm8_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm9_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm9_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm9_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm10_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm10_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm10_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm6_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm6_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm6_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm7_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm7_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm7_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm8_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm8_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm8_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm9_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm9_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm9_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm10_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm10_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm10_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm6_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm6_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm6_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm7_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm7_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm7_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm8_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm8_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm8_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm9_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm9_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm9_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm10_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm10_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm10_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm7_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm7_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm7_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm8_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm8_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm8_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm9_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm9_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm9_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-integrity_npm10_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-integrity_npm10_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-integrity_npm10_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-integrity_npm6_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-integrity_npm6_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-integrity_npm6_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-integrity_npm7_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-integrity_npm7_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-integrity_npm7_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-integrity_npm8_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-integrity_npm8_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-integrity_npm8_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-integrity_npm9_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-integrity_npm9_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-integrity_npm9_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm10_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm10_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm10_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm6_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm6_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm6_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm7_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm7_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm7_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm8_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm8_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm8_node22_windows-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm9_node22_macos-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm9_node22_ubuntu-latest.snap.json create mode 100644 tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm9_node22_windows-latest.snap.json diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml index 2fe35a9a..2422ae22 100644 --- a/.github/workflows/nodejs.yml +++ b/.github/workflows/nodejs.yml @@ -80,8 +80,8 @@ jobs: node-version: ## action based on https://github.com/actions/node-versions/releases ## see also: https://nodejs.org/en/about/releases/ - - '21' # Current - - '20' # LTS + - '22' # Current + - '20' # active LTS - '18' - '16' - '14' diff --git a/.github/workflows/npm-ls_demo-results.yml b/.github/workflows/npm-ls_demo-results.yml index 40763bc8..67e918b5 100644 --- a/.github/workflows/npm-ls_demo-results.yml +++ b/.github/workflows/npm-ls_demo-results.yml @@ -19,13 +19,13 @@ jobs: fail-fast: false # gather all the results ! matrix: subject: - # - bundled-dependencies - # - dev-dependencies - # - juice-shop - # - local-dependencies - # - local-workspaces + - bundled-dependencies + - dev-dependencies + - juice-shop + - local-dependencies + - local-workspaces - package-integrity - # - package-with-build-id + - package-with-build-id npm-version: ## see https://www.npmjs.com/package/npm?activeTab=versions ## see also: https://github.com/npm/cli/releases @@ -37,10 +37,11 @@ jobs: node-version: ## action based on https://github.com/actions/node-versions/releases ## see also: https://nodejs.org/en/about/releases/ - - '20' # Current - - '18' # Active LTS - - '16' - - '14' + - '22' # Current + #- '20' # Active LTS + #- '18' + #- '16' + #- '14' os: - ubuntu-latest - windows-latest @@ -55,10 +56,13 @@ jobs: - # npm9 upgrade/install failed on node14 npm-version: '9' node-version: '14' - - # juice-shop might not be node14 compatible + - # our specific version of juice-shop might not be node22 compatible + subject: juice-shop + node-version: '22' + - # our specific version of juice-shop might not be node14 compatible subject: juice-shop node-version: '14' - - # juice-shop might not be npm6 compatible + - # our specific version of juice-shop might not be npm6 compatible subject: juice-shop npm-version: '6' - # workspaces are a feature of NPM since 7.0 @@ -105,3 +109,25 @@ jobs: name: '${{ env.RESULTS_ARTIFACT }}_${{ matrix.subject }}_npm${{ matrix.npm-version }}_node${{ matrix.node-version }}_${{ matrix.os }}' path: '${{ env.DEMO_ROOT_DIR}}/*/${{ env.RESULTS_DIR }}' if-no-files-found: error + retention-days: 3 + + combine-results: + name: combine results + needs: [ 'demo-results' ] + runs-on: ubuntu-latest + steps: + - name: fetch and combine RESULTS + # see https://github.com/actions/download-artifact + uses: actions/download-artifact@v4 + with: + pattern: '${{ env.RESULTS_ARTIFACT }}_*' + merge-multiple: true + path: '${{ env.DEMO_ROOT_DIR}}' + - name: Artifact RESULTS + # see https://github.com/actions/upload-artifact + uses: actions/upload-artifact@v4 + with: + name: '${{ env.RESULTS_ARTIFACT }}-combined' + path: '${{ env.DEMO_ROOT_DIR}}' + if-no-files-found: error + retention-days: 3 diff --git a/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm10_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm10_node22_macos-latest.json new file mode 100644 index 00000000..b413223f --- /dev/null +++ b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm10_node22_macos-latest.json @@ -0,0 +1,1147 @@ +{ + "version": "0.0.0", + "name": "demo-bundled-deps", + "private": true, + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "license": "Apache-2.0", + "_id": "demo-bundled-deps@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "_dependencies": { + "bundle-dependencies": "1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "bundle-dependencies": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "overridden": false, + "name": "bundle-dependencies", + "integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "bundleDependencies": [ + "yargs" + ], + "bin": { + "bundle-dependencies": "dist/bin/index.js" + }, + "_id": "bundle-dependencies@1.0.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies", + "_dependencies": { + "yargs": "^4.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "yargs": { + "version": "4.1.0", + "overridden": false, + "name": "yargs", + "inBundle": true, + "license": "MIT", + "_id": "yargs@4.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs", + "_dependencies": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "overridden": false, + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "cliui": { + "version": "3.1.0", + "overridden": false, + "name": "cliui", + "inBundle": true, + "license": "ISC", + "_id": "cliui@3.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/cliui", + "_dependencies": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-ansi": { + "version": "3.0.1", + "overridden": false, + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "ansi-regex": { + "version": "2.0.0", + "overridden": false, + "name": "ansi-regex", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "ansi-regex@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/ansi-regex", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "wrap-ansi": { + "version": "1.0.0", + "overridden": false, + "name": "wrap-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "wrap-ansi@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/wrap-ansi", + "_dependencies": { + "string-width": "^1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "decamelize": { + "version": "1.1.2", + "overridden": false, + "name": "decamelize", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "decamelize@1.1.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/decamelize", + "_dependencies": { + "escape-string-regexp": "^1.0.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "escape-string-regexp": { + "version": "1.0.5", + "overridden": false, + "name": "escape-string-regexp", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.8.0" + }, + "_id": "escape-string-regexp@1.0.5", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/escape-string-regexp", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "os-locale": { + "version": "1.4.0", + "overridden": false, + "name": "os-locale", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "os-locale@1.4.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/os-locale", + "_dependencies": { + "lcid": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lcid": { + "version": "1.0.0", + "overridden": false, + "name": "lcid", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "lcid@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lcid", + "_dependencies": { + "invert-kv": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "invert-kv": { + "version": "1.0.0", + "overridden": false, + "name": "invert-kv", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "invert-kv@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/invert-kv", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pkg-conf": { + "version": "1.1.1", + "overridden": false, + "name": "pkg-conf", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pkg-conf@1.1.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pkg-conf", + "_dependencies": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "overridden": false, + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "path-exists": { + "version": "2.1.0", + "overridden": false, + "name": "path-exists", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-exists@2.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-exists", + "_dependencies": { + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "pinkie-promise": { + "version": "2.0.0", + "overridden": false, + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie": { + "version": "2.0.4", + "overridden": false, + "name": "pinkie", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie@2.0.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "object-assign": { + "version": "4.0.1", + "overridden": false, + "name": "object-assign", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "object-assign@4.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/object-assign", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "overridden": false, + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "load-json-file": { + "version": "1.1.0", + "overridden": false, + "name": "load-json-file", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "load-json-file@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/load-json-file", + "_dependencies": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "overridden": false, + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "parse-json": { + "version": "2.2.0", + "overridden": false, + "name": "parse-json", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "parse-json@2.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/parse-json", + "_dependencies": { + "error-ex": "^1.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "error-ex": { + "version": "1.3.0", + "overridden": false, + "name": "error-ex", + "inBundle": true, + "license": "MIT", + "_id": "error-ex@1.3.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/error-ex", + "_dependencies": { + "is-arrayish": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-arrayish": { + "version": "0.2.1", + "overridden": false, + "name": "is-arrayish", + "inBundle": true, + "license": "MIT", + "_id": "is-arrayish@0.2.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-arrayish", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pify": { + "version": "2.3.0", + "overridden": false, + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-bom": { + "version": "2.0.0", + "overridden": false, + "name": "strip-bom", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-bom@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-bom", + "_dependencies": { + "is-utf8": "^0.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-utf8": { + "version": "0.2.1", + "overridden": false, + "name": "is-utf8", + "inBundle": true, + "license": "MIT", + "_id": "is-utf8@0.2.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-utf8", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "normalize-package-data": { + "version": "2.3.5", + "overridden": false, + "name": "normalize-package-data", + "inBundle": true, + "license": "BSD-2-Clause", + "_id": "normalize-package-data@2.3.5", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/normalize-package-data", + "_dependencies": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "hosted-git-info": { + "version": "2.1.4", + "overridden": false, + "name": "hosted-git-info", + "inBundle": true, + "license": "ISC", + "_id": "hosted-git-info@2.1.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/hosted-git-info", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "is-builtin-module": { + "version": "1.0.0", + "overridden": false, + "name": "is-builtin-module", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-builtin-module@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-builtin-module", + "_dependencies": { + "builtin-modules": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "builtin-modules": { + "version": "1.1.1", + "overridden": false, + "name": "builtin-modules", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "builtin-modules@1.1.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/builtin-modules", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "semver": { + "version": "5.1.0", + "overridden": false, + "name": "semver", + "inBundle": true, + "license": "ISC", + "bin": { + "semver": "bin/semver" + }, + "_id": "semver@5.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/semver", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "validate-npm-package-license": { + "version": "3.0.1", + "overridden": false, + "name": "validate-npm-package-license", + "inBundle": true, + "license": "Apache-2.0", + "_id": "validate-npm-package-license@3.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/validate-npm-package-license", + "_dependencies": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-correct": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-correct", + "inBundle": true, + "license": "Apache-2.0", + "_id": "spdx-correct@1.0.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-correct", + "_dependencies": { + "spdx-license-ids": "^1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-license-ids": { + "version": "1.2.0", + "overridden": false, + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "spdx-expression-parse": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-expression-parse", + "inBundle": true, + "license": "(MIT AND CC-BY-3.0)", + "_id": "spdx-expression-parse@1.0.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-expression-parse", + "_dependencies": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-exceptions": { + "version": "1.0.4", + "overridden": false, + "name": "spdx-exceptions", + "inBundle": true, + "license": "CC-BY-3.0", + "_id": "spdx-exceptions@1.0.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-exceptions", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "spdx-license-ids": { + "version": "1.2.0", + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + }, + "path-type": { + "version": "1.1.0", + "overridden": false, + "name": "path-type", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-type@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-type", + "_dependencies": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pify": { + "version": "2.3.0", + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "symbol": { + "version": "0.2.1", + "overridden": false, + "name": "symbol", + "inBundle": true, + "license": "MPLv2.0", + "_id": "symbol@0.2.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/symbol", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "read-pkg-up": { + "version": "1.0.1", + "overridden": false, + "name": "read-pkg-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg-up@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg-up", + "_dependencies": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "require-main-filename": { + "version": "1.0.1", + "overridden": false, + "name": "require-main-filename", + "inBundle": true, + "license": "ISC", + "_id": "require-main-filename@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/require-main-filename", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "string-width": { + "version": "1.0.1", + "overridden": false, + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "code-point-at": { + "version": "1.0.0", + "overridden": false, + "name": "code-point-at", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "code-point-at@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/code-point-at", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "overridden": false, + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "is-fullwidth-code-point": { + "version": "1.0.0", + "overridden": false, + "name": "is-fullwidth-code-point", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-fullwidth-code-point@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "strip-ansi": { + "version": "3.0.1", + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "window-size": { + "version": "0.2.0", + "overridden": false, + "name": "window-size", + "inBundle": true, + "license": "MIT", + "bin": { + "window-size": "cli.js" + }, + "engines": { + "node": ">= 0.10.0" + }, + "_id": "window-size@0.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/window-size", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "y18n": { + "version": "3.2.0", + "overridden": false, + "name": "y18n", + "inBundle": true, + "license": "ISC", + "_id": "y18n@3.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/y18n", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "yargs-parser": { + "version": "2.1.0", + "overridden": false, + "name": "yargs-parser", + "inBundle": true, + "license": "ISC", + "_id": "yargs-parser@2.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs-parser", + "_dependencies": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.assign": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.assign", + "inBundle": true, + "license": "MIT", + "_id": "lodash.assign@4.0.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.assign", + "_dependencies": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lodash.keys": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.keys", + "inBundle": true, + "license": "MIT", + "_id": "lodash.keys@4.0.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.keys", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.rest": { + "version": "4.0.1", + "overridden": false, + "name": "lodash.rest", + "inBundle": true, + "license": "MIT", + "_id": "lodash.rest@4.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.rest", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm10_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm10_node22_ubuntu-latest.json new file mode 100644 index 00000000..5aa837af --- /dev/null +++ b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm10_node22_ubuntu-latest.json @@ -0,0 +1,1147 @@ +{ + "version": "0.0.0", + "name": "demo-bundled-deps", + "private": true, + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "license": "Apache-2.0", + "_id": "demo-bundled-deps@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "_dependencies": { + "bundle-dependencies": "1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "bundle-dependencies": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "overridden": false, + "name": "bundle-dependencies", + "integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "bundleDependencies": [ + "yargs" + ], + "bin": { + "bundle-dependencies": "dist/bin/index.js" + }, + "_id": "bundle-dependencies@1.0.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies", + "_dependencies": { + "yargs": "^4.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "yargs": { + "version": "4.1.0", + "overridden": false, + "name": "yargs", + "inBundle": true, + "license": "MIT", + "_id": "yargs@4.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs", + "_dependencies": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "overridden": false, + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "cliui": { + "version": "3.1.0", + "overridden": false, + "name": "cliui", + "inBundle": true, + "license": "ISC", + "_id": "cliui@3.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/cliui", + "_dependencies": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-ansi": { + "version": "3.0.1", + "overridden": false, + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "ansi-regex": { + "version": "2.0.0", + "overridden": false, + "name": "ansi-regex", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "ansi-regex@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/ansi-regex", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "wrap-ansi": { + "version": "1.0.0", + "overridden": false, + "name": "wrap-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "wrap-ansi@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/wrap-ansi", + "_dependencies": { + "string-width": "^1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "decamelize": { + "version": "1.1.2", + "overridden": false, + "name": "decamelize", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "decamelize@1.1.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/decamelize", + "_dependencies": { + "escape-string-regexp": "^1.0.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "escape-string-regexp": { + "version": "1.0.5", + "overridden": false, + "name": "escape-string-regexp", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.8.0" + }, + "_id": "escape-string-regexp@1.0.5", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/escape-string-regexp", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "os-locale": { + "version": "1.4.0", + "overridden": false, + "name": "os-locale", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "os-locale@1.4.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/os-locale", + "_dependencies": { + "lcid": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lcid": { + "version": "1.0.0", + "overridden": false, + "name": "lcid", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "lcid@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lcid", + "_dependencies": { + "invert-kv": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "invert-kv": { + "version": "1.0.0", + "overridden": false, + "name": "invert-kv", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "invert-kv@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/invert-kv", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pkg-conf": { + "version": "1.1.1", + "overridden": false, + "name": "pkg-conf", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pkg-conf@1.1.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pkg-conf", + "_dependencies": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "overridden": false, + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "path-exists": { + "version": "2.1.0", + "overridden": false, + "name": "path-exists", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-exists@2.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-exists", + "_dependencies": { + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "pinkie-promise": { + "version": "2.0.0", + "overridden": false, + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie": { + "version": "2.0.4", + "overridden": false, + "name": "pinkie", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie@2.0.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "object-assign": { + "version": "4.0.1", + "overridden": false, + "name": "object-assign", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "object-assign@4.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/object-assign", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "overridden": false, + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "load-json-file": { + "version": "1.1.0", + "overridden": false, + "name": "load-json-file", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "load-json-file@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/load-json-file", + "_dependencies": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "overridden": false, + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "parse-json": { + "version": "2.2.0", + "overridden": false, + "name": "parse-json", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "parse-json@2.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/parse-json", + "_dependencies": { + "error-ex": "^1.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "error-ex": { + "version": "1.3.0", + "overridden": false, + "name": "error-ex", + "inBundle": true, + "license": "MIT", + "_id": "error-ex@1.3.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/error-ex", + "_dependencies": { + "is-arrayish": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-arrayish": { + "version": "0.2.1", + "overridden": false, + "name": "is-arrayish", + "inBundle": true, + "license": "MIT", + "_id": "is-arrayish@0.2.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-arrayish", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pify": { + "version": "2.3.0", + "overridden": false, + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-bom": { + "version": "2.0.0", + "overridden": false, + "name": "strip-bom", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-bom@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-bom", + "_dependencies": { + "is-utf8": "^0.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-utf8": { + "version": "0.2.1", + "overridden": false, + "name": "is-utf8", + "inBundle": true, + "license": "MIT", + "_id": "is-utf8@0.2.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-utf8", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "normalize-package-data": { + "version": "2.3.5", + "overridden": false, + "name": "normalize-package-data", + "inBundle": true, + "license": "BSD-2-Clause", + "_id": "normalize-package-data@2.3.5", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/normalize-package-data", + "_dependencies": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "hosted-git-info": { + "version": "2.1.4", + "overridden": false, + "name": "hosted-git-info", + "inBundle": true, + "license": "ISC", + "_id": "hosted-git-info@2.1.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/hosted-git-info", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "is-builtin-module": { + "version": "1.0.0", + "overridden": false, + "name": "is-builtin-module", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-builtin-module@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-builtin-module", + "_dependencies": { + "builtin-modules": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "builtin-modules": { + "version": "1.1.1", + "overridden": false, + "name": "builtin-modules", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "builtin-modules@1.1.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/builtin-modules", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "semver": { + "version": "5.1.0", + "overridden": false, + "name": "semver", + "inBundle": true, + "license": "ISC", + "bin": { + "semver": "bin/semver" + }, + "_id": "semver@5.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/semver", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "validate-npm-package-license": { + "version": "3.0.1", + "overridden": false, + "name": "validate-npm-package-license", + "inBundle": true, + "license": "Apache-2.0", + "_id": "validate-npm-package-license@3.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/validate-npm-package-license", + "_dependencies": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-correct": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-correct", + "inBundle": true, + "license": "Apache-2.0", + "_id": "spdx-correct@1.0.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-correct", + "_dependencies": { + "spdx-license-ids": "^1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-license-ids": { + "version": "1.2.0", + "overridden": false, + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "spdx-expression-parse": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-expression-parse", + "inBundle": true, + "license": "(MIT AND CC-BY-3.0)", + "_id": "spdx-expression-parse@1.0.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-expression-parse", + "_dependencies": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-exceptions": { + "version": "1.0.4", + "overridden": false, + "name": "spdx-exceptions", + "inBundle": true, + "license": "CC-BY-3.0", + "_id": "spdx-exceptions@1.0.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-exceptions", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "spdx-license-ids": { + "version": "1.2.0", + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + }, + "path-type": { + "version": "1.1.0", + "overridden": false, + "name": "path-type", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-type@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-type", + "_dependencies": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pify": { + "version": "2.3.0", + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "symbol": { + "version": "0.2.1", + "overridden": false, + "name": "symbol", + "inBundle": true, + "license": "MPLv2.0", + "_id": "symbol@0.2.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/symbol", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "read-pkg-up": { + "version": "1.0.1", + "overridden": false, + "name": "read-pkg-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg-up@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg-up", + "_dependencies": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "require-main-filename": { + "version": "1.0.1", + "overridden": false, + "name": "require-main-filename", + "inBundle": true, + "license": "ISC", + "_id": "require-main-filename@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/require-main-filename", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "string-width": { + "version": "1.0.1", + "overridden": false, + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "code-point-at": { + "version": "1.0.0", + "overridden": false, + "name": "code-point-at", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "code-point-at@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/code-point-at", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "overridden": false, + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "is-fullwidth-code-point": { + "version": "1.0.0", + "overridden": false, + "name": "is-fullwidth-code-point", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-fullwidth-code-point@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "strip-ansi": { + "version": "3.0.1", + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "window-size": { + "version": "0.2.0", + "overridden": false, + "name": "window-size", + "inBundle": true, + "license": "MIT", + "bin": { + "window-size": "cli.js" + }, + "engines": { + "node": ">= 0.10.0" + }, + "_id": "window-size@0.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/window-size", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "y18n": { + "version": "3.2.0", + "overridden": false, + "name": "y18n", + "inBundle": true, + "license": "ISC", + "_id": "y18n@3.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/y18n", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "yargs-parser": { + "version": "2.1.0", + "overridden": false, + "name": "yargs-parser", + "inBundle": true, + "license": "ISC", + "_id": "yargs-parser@2.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs-parser", + "_dependencies": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.assign": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.assign", + "inBundle": true, + "license": "MIT", + "_id": "lodash.assign@4.0.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.assign", + "_dependencies": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lodash.keys": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.keys", + "inBundle": true, + "license": "MIT", + "_id": "lodash.keys@4.0.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.keys", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.rest": { + "version": "4.0.1", + "overridden": false, + "name": "lodash.rest", + "inBundle": true, + "license": "MIT", + "_id": "lodash.rest@4.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.rest", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm10_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm10_node22_windows-latest.json new file mode 100644 index 00000000..9ffc70d7 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm10_node22_windows-latest.json @@ -0,0 +1,1147 @@ +{ + "version": "0.0.0", + "name": "demo-bundled-deps", + "private": true, + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "license": "Apache-2.0", + "_id": "demo-bundled-deps@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "_dependencies": { + "bundle-dependencies": "1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "bundle-dependencies": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "overridden": false, + "name": "bundle-dependencies", + "integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "bundleDependencies": [ + "yargs" + ], + "bin": { + "bundle-dependencies": "dist/bin/index.js" + }, + "_id": "bundle-dependencies@1.0.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies", + "_dependencies": { + "yargs": "^4.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "yargs": { + "version": "4.1.0", + "overridden": false, + "name": "yargs", + "inBundle": true, + "license": "MIT", + "_id": "yargs@4.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\yargs", + "_dependencies": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "overridden": false, + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "cliui": { + "version": "3.1.0", + "overridden": false, + "name": "cliui", + "inBundle": true, + "license": "ISC", + "_id": "cliui@3.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\cliui", + "_dependencies": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-ansi": { + "version": "3.0.1", + "overridden": false, + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "ansi-regex": { + "version": "2.0.0", + "overridden": false, + "name": "ansi-regex", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "ansi-regex@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\ansi-regex", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "wrap-ansi": { + "version": "1.0.0", + "overridden": false, + "name": "wrap-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "wrap-ansi@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\wrap-ansi", + "_dependencies": { + "string-width": "^1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "decamelize": { + "version": "1.1.2", + "overridden": false, + "name": "decamelize", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "decamelize@1.1.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\decamelize", + "_dependencies": { + "escape-string-regexp": "^1.0.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "escape-string-regexp": { + "version": "1.0.5", + "overridden": false, + "name": "escape-string-regexp", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.8.0" + }, + "_id": "escape-string-regexp@1.0.5", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\escape-string-regexp", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "os-locale": { + "version": "1.4.0", + "overridden": false, + "name": "os-locale", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "os-locale@1.4.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\os-locale", + "_dependencies": { + "lcid": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lcid": { + "version": "1.0.0", + "overridden": false, + "name": "lcid", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "lcid@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lcid", + "_dependencies": { + "invert-kv": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "invert-kv": { + "version": "1.0.0", + "overridden": false, + "name": "invert-kv", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "invert-kv@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\invert-kv", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pkg-conf": { + "version": "1.1.1", + "overridden": false, + "name": "pkg-conf", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pkg-conf@1.1.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pkg-conf", + "_dependencies": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "overridden": false, + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "path-exists": { + "version": "2.1.0", + "overridden": false, + "name": "path-exists", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-exists@2.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\path-exists", + "_dependencies": { + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "pinkie-promise": { + "version": "2.0.0", + "overridden": false, + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie": { + "version": "2.0.4", + "overridden": false, + "name": "pinkie", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie@2.0.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "object-assign": { + "version": "4.0.1", + "overridden": false, + "name": "object-assign", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "object-assign@4.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\object-assign", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "overridden": false, + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "load-json-file": { + "version": "1.1.0", + "overridden": false, + "name": "load-json-file", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "load-json-file@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\load-json-file", + "_dependencies": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "overridden": false, + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "parse-json": { + "version": "2.2.0", + "overridden": false, + "name": "parse-json", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "parse-json@2.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\parse-json", + "_dependencies": { + "error-ex": "^1.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "error-ex": { + "version": "1.3.0", + "overridden": false, + "name": "error-ex", + "inBundle": true, + "license": "MIT", + "_id": "error-ex@1.3.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\error-ex", + "_dependencies": { + "is-arrayish": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-arrayish": { + "version": "0.2.1", + "overridden": false, + "name": "is-arrayish", + "inBundle": true, + "license": "MIT", + "_id": "is-arrayish@0.2.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-arrayish", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pify": { + "version": "2.3.0", + "overridden": false, + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-bom": { + "version": "2.0.0", + "overridden": false, + "name": "strip-bom", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-bom@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\strip-bom", + "_dependencies": { + "is-utf8": "^0.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-utf8": { + "version": "0.2.1", + "overridden": false, + "name": "is-utf8", + "inBundle": true, + "license": "MIT", + "_id": "is-utf8@0.2.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-utf8", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "normalize-package-data": { + "version": "2.3.5", + "overridden": false, + "name": "normalize-package-data", + "inBundle": true, + "license": "BSD-2-Clause", + "_id": "normalize-package-data@2.3.5", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\normalize-package-data", + "_dependencies": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "hosted-git-info": { + "version": "2.1.4", + "overridden": false, + "name": "hosted-git-info", + "inBundle": true, + "license": "ISC", + "_id": "hosted-git-info@2.1.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\hosted-git-info", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "is-builtin-module": { + "version": "1.0.0", + "overridden": false, + "name": "is-builtin-module", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-builtin-module@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-builtin-module", + "_dependencies": { + "builtin-modules": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "builtin-modules": { + "version": "1.1.1", + "overridden": false, + "name": "builtin-modules", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "builtin-modules@1.1.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\builtin-modules", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "semver": { + "version": "5.1.0", + "overridden": false, + "name": "semver", + "inBundle": true, + "license": "ISC", + "bin": { + "semver": "bin/semver" + }, + "_id": "semver@5.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\semver", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "validate-npm-package-license": { + "version": "3.0.1", + "overridden": false, + "name": "validate-npm-package-license", + "inBundle": true, + "license": "Apache-2.0", + "_id": "validate-npm-package-license@3.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\validate-npm-package-license", + "_dependencies": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-correct": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-correct", + "inBundle": true, + "license": "Apache-2.0", + "_id": "spdx-correct@1.0.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-correct", + "_dependencies": { + "spdx-license-ids": "^1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-license-ids": { + "version": "1.2.0", + "overridden": false, + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "spdx-expression-parse": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-expression-parse", + "inBundle": true, + "license": "(MIT AND CC-BY-3.0)", + "_id": "spdx-expression-parse@1.0.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-expression-parse", + "_dependencies": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-exceptions": { + "version": "1.0.4", + "overridden": false, + "name": "spdx-exceptions", + "inBundle": true, + "license": "CC-BY-3.0", + "_id": "spdx-exceptions@1.0.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-exceptions", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "spdx-license-ids": { + "version": "1.2.0", + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + }, + "path-type": { + "version": "1.1.0", + "overridden": false, + "name": "path-type", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-type@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\path-type", + "_dependencies": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pify": { + "version": "2.3.0", + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "symbol": { + "version": "0.2.1", + "overridden": false, + "name": "symbol", + "inBundle": true, + "license": "MPLv2.0", + "_id": "symbol@0.2.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\symbol", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "read-pkg-up": { + "version": "1.0.1", + "overridden": false, + "name": "read-pkg-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg-up@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\read-pkg-up", + "_dependencies": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "require-main-filename": { + "version": "1.0.1", + "overridden": false, + "name": "require-main-filename", + "inBundle": true, + "license": "ISC", + "_id": "require-main-filename@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\require-main-filename", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "string-width": { + "version": "1.0.1", + "overridden": false, + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "code-point-at": { + "version": "1.0.0", + "overridden": false, + "name": "code-point-at", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "code-point-at@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\code-point-at", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "overridden": false, + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "is-fullwidth-code-point": { + "version": "1.0.0", + "overridden": false, + "name": "is-fullwidth-code-point", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-fullwidth-code-point@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-fullwidth-code-point", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "strip-ansi": { + "version": "3.0.1", + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "window-size": { + "version": "0.2.0", + "overridden": false, + "name": "window-size", + "inBundle": true, + "license": "MIT", + "bin": { + "window-size": "cli.js" + }, + "engines": { + "node": ">= 0.10.0" + }, + "_id": "window-size@0.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\window-size", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "y18n": { + "version": "3.2.0", + "overridden": false, + "name": "y18n", + "inBundle": true, + "license": "ISC", + "_id": "y18n@3.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\y18n", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "yargs-parser": { + "version": "2.1.0", + "overridden": false, + "name": "yargs-parser", + "inBundle": true, + "license": "ISC", + "_id": "yargs-parser@2.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\yargs-parser", + "_dependencies": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.assign": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.assign", + "inBundle": true, + "license": "MIT", + "_id": "lodash.assign@4.0.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lodash.assign", + "_dependencies": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lodash.keys": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.keys", + "inBundle": true, + "license": "MIT", + "_id": "lodash.keys@4.0.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lodash.keys", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.rest": { + "version": "4.0.1", + "overridden": false, + "name": "lodash.rest", + "inBundle": true, + "license": "MIT", + "_id": "lodash.rest@4.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lodash.rest", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm6_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm6_node22_macos-latest.json new file mode 100644 index 00000000..5da79a86 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm6_node22_macos-latest.json @@ -0,0 +1,6759 @@ +{ + "name": "demo-bundled-deps", + "private": true, + "version": "0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "license": "Apache-2.0", + "dependencies": { + "bundle-dependencies": { + "_from": "bundle-dependencies@1.0.2", + "_id": "bundle-dependencies@1.0.2", + "_integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "_location": "/bundle-dependencies", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "bundle-dependencies@1.0.2", + "name": "bundle-dependencies", + "escapedName": "bundle-dependencies", + "rawSpec": "1.0.2", + "saveSpec": null, + "fetchSpec": "1.0.2" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "_shasum": "9a5e4fa98cc7eaacf76215ee41361d1d580368a9", + "_spec": "1.0.2", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Gajus Kuizinas", + "email": "gajus@gajus.com", + "url": "http://gajus.com" + }, + "bin": { + "bundle-dependencies": "dist/bin/index.js" + }, + "bugs": { + "url": "https://github.com/gajus/bundle-dependencies/issues" + }, + "bundleDependencies": [ + "yargs" + ], + "dependencies": { + "yargs": { + "_args": [ + [ + "yargs@^4.1.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies" + ], + [ + "yargs@4.1.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "yargs@>=4.1.0 <5.0.0", + "_id": "yargs@4.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/yargs", + "_nodeVersion": "3.2.0", + "_npmOperationalInternal": { + "host": "packages-5-east.internal.npmjs.com", + "tmp": "tmp/yargs-4.1.0.tgz_1455554454146_0.05233815615065396" + }, + "_npmUser": { + "email": "ben@npmjs.com", + "name": "bcoe" + }, + "_npmVersion": "3.3.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "yargs@4.1.0", + "name": "yargs", + "escapedName": "yargs", + "rawSpec": "4.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "4.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies" + ], + "_resolved": "https://registry.npmjs.org/yargs/-/yargs-4.1.0.tgz", + "_shasum": "035e5ea466ac7fea584b00353e33eae4082b9894", + "_shrinkwrap": "[Circular]", + "_spec": "4.1.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "bugs": { + "url": "https://github.com/bcoe/yargs/issues" + }, + "dependencies": { + "camelcase": { + "_args": [ + [ + "camelcase@^2.0.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "camelcase@2.1.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "camelcase@>=2.0.1 <3.0.0", + "_id": "camelcase@2.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/camelcase", + "_nodeVersion": "4.2.4", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "3.6.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "camelcase@2.1.0", + "name": "camelcase", + "escapedName": "camelcase", + "rawSpec": "2.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs", + "/bundle-dependencies/yargs-parser" + ], + "_resolved": "https://registry.npmjs.org/camelcase/-/camelcase-2.1.0.tgz", + "_shasum": "533ad4cd7f8a1080ded31aba6c79b4bf437ff30c", + "_shrinkwrap": "[Circular]", + "_spec": "2.1.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "http://sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/camelcase/issues" + }, + "dependencies": {}, + "description": "Convert a dash/dot/underscore/space separated string to camelCase: foo-bar → fooBar", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "533ad4cd7f8a1080ded31aba6c79b4bf437ff30c", + "tarball": "http://registry.npmjs.org/camelcase/-/camelcase-2.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "9b73ccb3f48ab86eccb136c155f0eb2e67f40dc3", + "homepage": "https://github.com/sindresorhus/camelcase#readme", + "keywords": [ + "camelcase", + "camel-case", + "camel", + "case", + "dash", + "hyphen", + "dot", + "underscore", + "separator", + "string", + "text", + "convert" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "camelcase", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/camelcase.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "2.1.0", + "readme": "# camelcase [![Build Status](https://travis-ci.org/sindresorhus/camelcase.svg?branch=master)](https://travis-ci.org/sindresorhus/camelcase)\n\n> Convert a dash/dot/underscore/space separated string to camelCase: `foo-bar` → `fooBar`\n\n\n## Install\n\n```\n$ npm install --save camelcase\n```\n\n\n## Usage\n\n```js\nconst camelCase = require('camelcase');\n\ncamelCase('foo-bar');\n//=> 'fooBar'\n\ncamelCase('foo_bar');\n//=> 'fooBar'\n\ncamelCase('Foo-Bar');\n//=> 'fooBar'\n\ncamelCase('--foo.bar');\n//=> 'fooBar'\n\ncamelCase('__foo__bar__');\n//=> 'fooBar'\n\ncamelCase('foo bar');\n//=> 'fooBar'\n\nconsole.log(process.argv[3]);\n//=> '--foo-bar'\ncamelCase(process.argv[3]);\n//=> 'fooBar'\n\ncamelCase('foo', 'bar');\n//=> 'fooBar'\n\ncamelCase('__foo__', '--bar');\n//=> 'fooBar'\n```\n\n\n## Related\n\n- [decamelize](https://github.com/sindresorhus/decamelize) - The inverse of this module\n- [uppercamelcase](https://github.com/SamVerschueren/uppercamelcase) - Like this module, but to PascalCase instead of camelCase\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "error": "[Circular]", + "extraneous": false + }, + "cliui": { + "_args": [ + [ + "cliui@^3.0.3", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "cliui@3.1.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "cliui@>=3.0.3 <4.0.0", + "_id": "cliui@3.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/cliui", + "_nodeVersion": "0.10.36", + "_npmUser": { + "email": "ben@npmjs.com", + "name": "bcoe" + }, + "_npmVersion": "2.7.5", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "cliui@3.1.0", + "name": "cliui", + "escapedName": "cliui", + "rawSpec": "3.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "3.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/cliui/-/cliui-3.1.0.tgz", + "_shasum": "a3b880308e0a8191721e0081a8c2a8b506d0abf9", + "_shrinkwrap": "[Circular]", + "_spec": "3.1.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Ben Coe", + "email": "ben@npmjs.com" + }, + "bugs": { + "url": "https://github.com/bcoe/cliui/issues" + }, + "config": { + "blanket": { + "data-cover-never": [ + "node_modules", + "test" + ], + "output-reporter": "spec", + "pattern": [ + "index.js" + ] + } + }, + "dependencies": { + "string-width": { + "_args": [ + [ + "string-width@^1.0.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "string-width@1.0.1", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "string-width@>=1.0.1 <2.0.0", + "_id": "string-width@1.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/string-width", + "_nodeVersion": "0.12.5", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "string-width@1.0.1", + "name": "string-width", + "escapedName": "string-width", + "rawSpec": "1.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/cliui", + "/bundle-dependencies/wrap-ansi", + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz", + "_shasum": "c92129b6f1d7f52acf9af424a26e3864a05ceb0a", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.1", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/string-width/issues" + }, + "dependencies": {}, + "description": "Get the visual width of a string - the number of columns required to display it", + "devDependencies": { + "ava": "0.0.4" + }, + "directories": {}, + "dist": { + "shasum": "c92129b6f1d7f52acf9af424a26e3864a05ceb0a", + "tarball": "http://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "f279cfd14835f0a3c8df69ba18e9a3960156e135", + "homepage": "https://github.com/sindresorhus/string-width", + "keywords": [ + "string", + "str", + "character", + "char", + "unicode", + "width", + "visual", + "column", + "columns", + "fullwidth", + "full-width", + "full", + "ansi", + "escape", + "codes", + "cli", + "command-line", + "terminal", + "console", + "cjk", + "chinese", + "japanese", + "korean", + "fixed-width" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "string-width", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/string-width.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.1", + "readme": "# string-width [![Build Status](https://travis-ci.org/sindresorhus/string-width.svg?branch=master)](https://travis-ci.org/sindresorhus/string-width)\n\n> Get the visual width of a string - the number of columns required to display it\n\nSome Unicode characters are [fullwidth](https://en.wikipedia.org/wiki/Halfwidth_and_fullwidth_forms) and use double the normal width.\n\nUseful to be able to measure the actual width of command-line output.\n\n\n## Install\n\n```\n$ npm install --save string-width\n```\n\n\n## Usage\n\n```js\nvar stringWidth = require('string-width');\n\nstringWidth('古');\n//=> 2\n\nstringWidth('\\u001b[1m古\\u001b[22m');\n//=> 2\n\nstringWidth('a');\n//=> 1\n```\n\n\n## Related\n\n- [string-width-cli](https://github.com/sindresorhus/string-width-cli) - CLI for this module\n- [string-length](https://github.com/sindresorhus/string-length) - Get the real length of a string\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/string-width" + }, + "strip-ansi": { + "_args": [ + [ + "strip-ansi@^3.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/cliui" + ], + [ + "strip-ansi@3.0.1", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "strip-ansi@>=3.0.0 <4.0.0", + "_id": "strip-ansi@3.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/strip-ansi", + "_nodeVersion": "0.12.7", + "_npmOperationalInternal": { + "host": "packages-9-west.internal.npmjs.com", + "tmp": "tmp/strip-ansi-3.0.1.tgz_1456057278183_0.28958667791448534" + }, + "_npmUser": { + "email": "jappelman@xebia.com", + "name": "jbnicolai" + }, + "_npmVersion": "2.11.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "strip-ansi@3.0.1", + "name": "strip-ansi", + "escapedName": "strip-ansi", + "rawSpec": "3.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "3.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/cliui", + "/bundle-dependencies/string-width" + ], + "_resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "_shasum": "6a385fb8853d952d5ff05d0e8aaf94278dc63dcf", + "_shrinkwrap": "[Circular]", + "_spec": "3.0.1", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/chalk/strip-ansi/issues" + }, + "dependencies": { + "ansi-regex": { + "_args": [ + [ + "ansi-regex@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/strip-ansi" + ], + [ + "ansi-regex@2.0.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "ansi-regex@>=2.0.0 <3.0.0", + "_id": "ansi-regex@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/ansi-regex", + "_nodeVersion": "0.12.5", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "ansi-regex@2.0.0", + "name": "ansi-regex", + "escapedName": "ansi-regex", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/strip-ansi" + ], + "_resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.0.0.tgz", + "_shasum": "c5061b6e0ef8a81775e50f5d66151bf6bf371107", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/ansi-regex/issues" + }, + "dependencies": {}, + "description": "Regular expression for matching ANSI escape codes", + "devDependencies": { + "mocha": "*" + }, + "directories": {}, + "dist": { + "shasum": "c5061b6e0ef8a81775e50f5d66151bf6bf371107", + "tarball": "http://registry.npmjs.org/ansi-regex/-/ansi-regex-2.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "57c3f2941a73079fa8b081e02a522e3d29913e2f", + "homepage": "https://github.com/sindresorhus/ansi-regex", + "keywords": [ + "ansi", + "styles", + "color", + "colour", + "colors", + "terminal", + "console", + "cli", + "string", + "tty", + "escape", + "formatting", + "rgb", + "256", + "shell", + "xterm", + "command-line", + "text", + "regex", + "regexp", + "re", + "match", + "test", + "find", + "pattern" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + }, + { + "name": "jbnicolai", + "email": "jappelman@xebia.com" + } + ], + "name": "ansi-regex", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/ansi-regex.git" + }, + "scripts": { + "test": "mocha test/test.js", + "view-supported": "node test/viewCodes.js" + }, + "version": "2.0.0", + "readme": "# ansi-regex [![Build Status](https://travis-ci.org/sindresorhus/ansi-regex.svg?branch=master)](https://travis-ci.org/sindresorhus/ansi-regex)\n\n> Regular expression for matching [ANSI escape codes](http://en.wikipedia.org/wiki/ANSI_escape_code)\n\n\n## Install\n\n```\n$ npm install --save ansi-regex\n```\n\n\n## Usage\n\n```js\nvar ansiRegex = require('ansi-regex');\n\nansiRegex().test('\\u001b[4mcake\\u001b[0m');\n//=> true\n\nansiRegex().test('cake');\n//=> false\n\n'\\u001b[4mcake\\u001b[0m'.match(ansiRegex());\n//=> ['\\u001b[4m', '\\u001b[0m']\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/ansi-regex", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Strip ANSI escape codes", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "6a385fb8853d952d5ff05d0e8aaf94278dc63dcf", + "tarball": "http://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "8270705c704956da865623e564eba4875c3ea17f", + "homepage": "https://github.com/chalk/strip-ansi", + "keywords": [ + "strip", + "trim", + "remove", + "ansi", + "styles", + "color", + "colour", + "colors", + "terminal", + "console", + "string", + "tty", + "escape", + "formatting", + "rgb", + "256", + "shell", + "xterm", + "log", + "logging", + "command-line", + "text" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + }, + { + "name": "jbnicolai", + "email": "jappelman@xebia.com" + } + ], + "name": "strip-ansi", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/chalk/strip-ansi.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "3.0.1", + "readme": "# strip-ansi [![Build Status](https://travis-ci.org/chalk/strip-ansi.svg?branch=master)](https://travis-ci.org/chalk/strip-ansi)\n\n> Strip [ANSI escape codes](http://en.wikipedia.org/wiki/ANSI_escape_code)\n\n\n## Install\n\n```\n$ npm install --save strip-ansi\n```\n\n\n## Usage\n\n```js\nvar stripAnsi = require('strip-ansi');\n\nstripAnsi('\\u001b[4mcake\\u001b[0m');\n//=> 'cake'\n```\n\n\n## Related\n\n- [strip-ansi-cli](https://github.com/chalk/strip-ansi-cli) - CLI for this module\n- [has-ansi](https://github.com/chalk/has-ansi) - Check if a string has ANSI escape codes\n- [ansi-regex](https://github.com/chalk/ansi-regex) - Regular expression for matching ANSI escape codes\n- [chalk](https://github.com/chalk/chalk) - Terminal string styling done right\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "error": "[Circular]", + "extraneous": false + }, + "wrap-ansi": { + "_args": [ + [ + "wrap-ansi@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/cliui" + ], + [ + "wrap-ansi@1.0.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "wrap-ansi@>=1.0.0 <2.0.0", + "_id": "wrap-ansi@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/wrap-ansi", + "_nodeVersion": "1.1.0", + "_npmUser": { + "email": "bencoe@gmail.com", + "name": "bcoe" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "wrap-ansi@1.0.0", + "name": "wrap-ansi", + "escapedName": "wrap-ansi", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/cliui" + ], + "_resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-1.0.0.tgz", + "_shasum": "f573bb9ee23cf43891f3362f5f359a1dfa38fc34", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/chalk/wrap-ansi/issues" + }, + "dependencies": { + "string-width": { + "_args": "[Circular]", + "_from": "string-width@>=1.0.1 <2.0.0", + "_id": "string-width@1.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/string-width", + "_nodeVersion": "0.12.5", + "_npmUser": "[Circular]", + "_npmVersion": "2.11.2", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "string-width@1.0.1", + "name": "string-width", + "escapedName": "string-width", + "rawSpec": "1.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.1" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz", + "_shasum": "c92129b6f1d7f52acf9af424a26e3864a05ceb0a", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.1", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Get the visual width of a string - the number of columns required to display it", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "f279cfd14835f0a3c8df69ba18e9a3960156e135", + "homepage": "https://github.com/sindresorhus/string-width", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "string-width", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.0.1", + "readme": "# string-width [![Build Status](https://travis-ci.org/sindresorhus/string-width.svg?branch=master)](https://travis-ci.org/sindresorhus/string-width)\n\n> Get the visual width of a string - the number of columns required to display it\n\nSome Unicode characters are [fullwidth](https://en.wikipedia.org/wiki/Halfwidth_and_fullwidth_forms) and use double the normal width.\n\nUseful to be able to measure the actual width of command-line output.\n\n\n## Install\n\n```\n$ npm install --save string-width\n```\n\n\n## Usage\n\n```js\nvar stringWidth = require('string-width');\n\nstringWidth('古');\n//=> 2\n\nstringWidth('\\u001b[1m古\\u001b[22m');\n//=> 2\n\nstringWidth('a');\n//=> 1\n```\n\n\n## Related\n\n- [string-width-cli](https://github.com/sindresorhus/string-width-cli) - CLI for this module\n- [string-length](https://github.com/sindresorhus/string-length) - Get the real length of a string\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/string-width" + } + }, + "description": "Wordwrap a string with ANSI escape codes", + "devDependencies": { + "ava": "0.0.4", + "chalk": "^1.1.0", + "coveralls": "^2.11.4", + "has-ansi": "^2.0.0", + "nyc": "^3.2.2", + "strip-ansi": "^3.0.0", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "f573bb9ee23cf43891f3362f5f359a1dfa38fc34", + "tarball": "http://registry.npmjs.org/wrap-ansi/-/wrap-ansi-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "c890e95ea671779012fa73fd77b74198e8c5d09b", + "homepage": "https://github.com/chalk/wrap-ansi#readme", + "keywords": [ + "wrap", + "break", + "wordwrap", + "wordbreak", + "linewrap", + "ansi", + "styles", + "color", + "colour", + "colors", + "terminal", + "console", + "cli", + "string", + "tty", + "escape", + "formatting", + "rgb", + "256", + "shell", + "xterm", + "log", + "logging", + "command-line", + "text" + ], + "license": "MIT", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + }, + { + "name": "jbnicolai", + "email": "jappelman@xebia.com" + }, + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "wrap-ansi", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/chalk/wrap-ansi.git" + }, + "scripts": { + "coverage": "nyc --reporter=text-lcov node test.js | coveralls", + "test": "xo && nyc node test.js" + }, + "version": "1.0.0", + "readme": "# wrap-ansi [![Build Status](https://travis-ci.org/chalk/wrap-ansi.svg?branch=master)](https://travis-ci.org/chalk/wrap-ansi) [![Coverage Status](https://coveralls.io/repos/chalk/wrap-ansi/badge.svg?branch=master&service=github)](https://coveralls.io/github/chalk/wrap-ansi?branch=master)\n\n> Wordwrap a string with [ANSI escape codes](http://en.wikipedia.org/wiki/ANSI_escape_code#Colors_and_Styles)\n\n\n## Install\n\n```\n$ npm install --save wrap-ansi\n```\n\n\n## Usage\n\n```js\nconst chalk = require('chalk');\nconst wrapAnsi = require('wrap-ansi');\n\nconst input = 'The quick brown ' + chalk.red('fox jumped over ') +\n\t'the lazy ' + chalk.green('dog and then ran away with the unicorn.');\n\nconsole.log(wrapAnsi(input, 20));\n```\n\n\n\n\n## API\n\n### wrapAnsi(input, columns, [options])\n\nWrap words to the specified column width.\n\n#### input\n\nType: `string`\n\nString with ANSI escape codes. Like one styled by [`chalk`](https://github.com/chalk/chalk).\n\n#### columns\n\nType: `number`\n\nNumber of columns to wrap the text to.\n\n#### options.hard\n\nType: `boolean` \nDefault: `false`\n\nBy default the wrap is soft, meaning long words may extend past the column width. Setting this to `true` will make it hard wrap at the column width.\n\n\n## Related\n\n- [slice-ansi](https://github.com/chalk/slice-ansi) - Slice a string with ANSI escape codes\n- [chalk](https://github.com/chalk/chalk) - Terminal string styling done right\n- [jsesc](https://github.com/mathiasbynens/jsesc) - Generate ASCII-only output from Unicode strings. Useful for creating test fixtures.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "string-width": "^1.0.1" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/wrap-ansi", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "easily create complex multi-column command-line-interfaces", + "devDependencies": { + "chai": "^3.3.0", + "chalk": "^1.1.1", + "coveralls": "^2.11.4", + "mocha": "^2.3.3", + "nyc": "^3.2.2", + "standard": "^5.3.1" + }, + "directories": {}, + "dist": { + "shasum": "a3b880308e0a8191721e0081a8c2a8b506d0abf9", + "tarball": "http://registry.npmjs.org/cliui/-/cliui-3.1.0.tgz" + }, + "gitHead": "c8eb1b4aa6d2efdb5bc4903fb1fa6e9f7f066a72", + "homepage": "https://github.com/bcoe/cliui", + "keywords": [ + "cli", + "command-line", + "layout", + "design", + "console", + "wrap", + "table" + ], + "license": "ISC", + "main": "index.js", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + } + ], + "name": "cliui", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+ssh://git@github.com/bcoe/cliui.git" + }, + "scripts": { + "coverage": "nyc --reporter=text-lcov mocha | coveralls", + "test": "standard && nyc mocha" + }, + "standard": { + "globals": [ + "it" + ], + "ignore": [ + "**/example/**" + ] + }, + "version": "3.1.0", + "readme": "# cliui\n\n[![Build Status](https://travis-ci.org/bcoe/cliui.png)](https://travis-ci.org/bcoe/cliui)\n[![Coverage Status](https://coveralls.io/repos/bcoe/cliui/badge.svg?branch=)](https://coveralls.io/r/bcoe/cliui?branch=)\n[![NPM version](https://img.shields.io/npm/v/cliui.svg)](https://www.npmjs.com/package/cliui)\n\neasily create complex multi-column command-line-interfaces.\n\n## Example\n\n```js\nvar ui = require('cliui')({\n width: 80\n})\n\nui.div('Usage: $0 [command] [options]')\n\nui.div({\n text: 'Options:',\n padding: [2, 0, 2, 0]\n})\n\nui.div(\n {\n text: \"-f, --file\",\n width: 20,\n padding: [0, 4, 0, 4]\n },\n {\n text: \"the file to load.\" +\n chalk.green(\"(if this description is long it wraps).\")\n ,\n width: 20\n },\n {\n text: chalk.red(\"[required]\"),\n align: 'right'\n }\n)\n\nconsole.log(ui.toString())\n```\n\n\n\n## Layout DSL\n\ncliui exposes a simple layout DSL:\n\nIf you create a single `ui.row`, passing a string rather than an\nobject:\n\n* `\\n`: characters will be interpreted as new rows.\n* `\\t`: characters will be interpreted as new columns.\n* `\\s`: characters will be interpreted as padding.\n\n**as an example...**\n\n```js\nvar ui = require('./')({\n width: 60\n})\n\nui.div(\n 'Usage: node ./bin/foo.js\\n' +\n ' \\t provide a regex\\n' +\n ' \\t provide a glob\\t [required]'\n)\n\nconsole.log(ui.toString())\n```\n\n**will output:**\n\n```shell\nUsage: node ./bin/foo.js\n provide a regex\n provide a glob [required]\n```\n\n## Methods\n\n```js\ncliui = require('cliui')\n```\n\n### cliui({width: integer})\n\nSpecify the maximum width of the UI being generated.\n\n### cliui({wrap: boolean})\n\nEnable or disable the wrapping of text in a column.\n\n### cliui.div(column, column, column)\n\nCreate a row with any number of columns, a column\ncan either be a string, or an object with the following\noptions:\n\n* **width:** the width of a column.\n* **align:** alignment, `right` or `center`.\n* **padding:** `[top, right, bottom, left]`.\n* **border:** should a border be placed around the div?\n\n### cliui.span(column, column, column)\n\nSimilar to `div`, except the next row will be appended without\na new line being created.\n", + "readmeFilename": "README.md", + "_dependencies": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/cliui", + "error": "[Circular]", + "extraneous": false + }, + "decamelize": { + "_args": [ + [ + "decamelize@^1.1.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "decamelize@1.1.2", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "decamelize@>=1.1.1 <2.0.0", + "_id": "decamelize@1.1.2", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/decamelize", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "decamelize@1.1.2", + "name": "decamelize", + "escapedName": "decamelize", + "rawSpec": "1.1.2", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.2" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.1.2.tgz", + "_shasum": "dcc93727be209632e98b02718ef4cb79602322f2", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.2", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/decamelize/issues" + }, + "dependencies": { + "escape-string-regexp": { + "_args": [ + [ + "escape-string-regexp@^1.0.4", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/decamelize" + ], + [ + "escape-string-regexp@1.0.5", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "escape-string-regexp@>=1.0.4 <2.0.0", + "_id": "escape-string-regexp@1.0.5", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/escape-string-regexp", + "_nodeVersion": "4.2.6", + "_npmOperationalInternal": { + "host": "packages-9-west.internal.npmjs.com", + "tmp": "tmp/escape-string-regexp-1.0.5.tgz_1456059312074_0.7245344955008477" + }, + "_npmUser": { + "email": "jappelman@xebia.com", + "name": "jbnicolai" + }, + "_npmVersion": "2.14.12", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "escape-string-regexp@1.0.5", + "name": "escape-string-regexp", + "escapedName": "escape-string-regexp", + "rawSpec": "1.0.5", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.5" + }, + "_requiredBy": [ + "/bundle-dependencies/decamelize" + ], + "_resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "_shasum": "1b61c0562190a8dff6ae3bb2cf0200ca130b86d4", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.5", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues" + }, + "dependencies": {}, + "description": "Escape RegExp special characters", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "1b61c0562190a8dff6ae3bb2cf0200ca130b86d4", + "tarball": "http://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz" + }, + "engines": { + "node": ">=0.8.0" + }, + "files": [ + "index.js" + ], + "gitHead": "db124a3e1aae9d692c4899e42a5c6c3e329eaa20", + "homepage": "https://github.com/sindresorhus/escape-string-regexp", + "keywords": [ + "escape", + "regex", + "regexp", + "re", + "regular", + "expression", + "string", + "str", + "special", + "characters" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + }, + { + "name": "jbnicolai", + "email": "jappelman@xebia.com" + } + ], + "name": "escape-string-regexp", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.0.5", + "readme": "# escape-string-regexp [![Build Status](https://travis-ci.org/sindresorhus/escape-string-regexp.svg?branch=master)](https://travis-ci.org/sindresorhus/escape-string-regexp)\n\n> Escape RegExp special characters\n\n\n## Install\n\n```\n$ npm install --save escape-string-regexp\n```\n\n\n## Usage\n\n```js\nconst escapeStringRegexp = require('escape-string-regexp');\n\nconst escapedString = escapeStringRegexp('how much $ for a unicorn?');\n//=> 'how much \\$ for a unicorn\\?'\n\nnew RegExp(escapedString);\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/escape-string-regexp", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Convert a camelized string into a lowercased one with a custom separator: unicornRainbow → unicorn_rainbow", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "dcc93727be209632e98b02718ef4cb79602322f2", + "tarball": "http://registry.npmjs.org/decamelize/-/decamelize-1.1.2.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "82c87d3382126375ab0c3b7f5438bfd5eccb18c3", + "homepage": "https://github.com/sindresorhus/decamelize", + "keywords": [ + "decamelize", + "decamelcase", + "camelcase", + "lowercase", + "case", + "dash", + "hyphen", + "string", + "str", + "text", + "convert" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "decamelize", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/decamelize.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.2", + "readme": "# decamelize [![Build Status](https://travis-ci.org/sindresorhus/decamelize.svg?branch=master)](https://travis-ci.org/sindresorhus/decamelize)\n\n> Convert a camelized string into a lowercased one with a custom separator \n> Example: `unicornRainbow` → `unicorn_rainbow`\n\n\n## Install\n\n```\n$ npm install --save decamelize\n```\n\n\n## Usage\n\n```js\nconst decamelize = require('decamelize');\n\ndecamelize('unicornRainbow');\n//=> 'unicorn_rainbow'\n\ndecamelize('unicornRainbow', '-');\n//=> 'unicorn-rainbow'\n```\n\n\n## API\n\n### decamelize(input, [separator])\n\n#### input\n\nType: `string`\n\n#### separator\n\nType: `string` \nDefault: `_`\n\n\n## Related\n\nSee [`camelcase`](https://github.com/sindresorhus/camelcase) for the inverse.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "escape-string-regexp": "^1.0.4" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/decamelize", + "error": "[Circular]", + "extraneous": false + }, + "os-locale": { + "_args": [ + [ + "os-locale@^1.4.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "os-locale@1.4.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "os-locale@>=1.4.0 <2.0.0", + "_id": "os-locale@1.4.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/os-locale", + "_nodeVersion": "3.0.0", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.13.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "os-locale@1.4.0", + "name": "os-locale", + "escapedName": "os-locale", + "rawSpec": "1.4.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.4.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/os-locale/-/os-locale-1.4.0.tgz", + "_shasum": "20f9f17ae29ed345e8bde583b13d2009803c14d9", + "_shrinkwrap": "[Circular]", + "_spec": "1.4.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/os-locale/issues" + }, + "dependencies": { + "lcid": { + "_args": [ + [ + "lcid@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/os-locale" + ], + [ + "lcid@1.0.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "lcid@>=1.0.0 <2.0.0", + "_id": "lcid@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/lcid", + "_nodeVersion": "0.12.0", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.5.1", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "lcid@1.0.0", + "name": "lcid", + "escapedName": "lcid", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/os-locale" + ], + "_resolved": "https://registry.npmjs.org/lcid/-/lcid-1.0.0.tgz", + "_shasum": "308accafa0bc483a3867b4b6f2b9506251d1b835", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/lcid/issues" + }, + "dependencies": { + "invert-kv": { + "_args": [ + [ + "invert-kv@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/lcid" + ], + [ + "invert-kv@1.0.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "invert-kv@>=1.0.0 <2.0.0", + "_id": "invert-kv@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/invert-kv", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "1.4.21", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "invert-kv@1.0.0", + "name": "invert-kv", + "escapedName": "invert-kv", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/lcid" + ], + "_resolved": "https://registry.npmjs.org/invert-kv/-/invert-kv-1.0.0.tgz", + "_shasum": "104a8e4aaca6d3d8cd157a8ef8bfab2d7a3ffdb6", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "http://sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/invert-kv/issues" + }, + "dependencies": {}, + "description": "Invert the key/value of an object. Example: {foo: 'bar'} → {bar: 'foo'}", + "devDependencies": { + "mocha": "*" + }, + "directories": {}, + "dist": { + "shasum": "104a8e4aaca6d3d8cd157a8ef8bfab2d7a3ffdb6", + "tarball": "http://registry.npmjs.org/invert-kv/-/invert-kv-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "c28c3a15abcde3f67bd90f90f8ffe54a5f8cb04e", + "homepage": "https://github.com/sindresorhus/invert-kv", + "keywords": [ + "object", + "obj", + "key", + "value", + "val", + "kv", + "invert" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "invert-kv", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/invert-kv.git" + }, + "scripts": { + "test": "mocha" + }, + "version": "1.0.0", + "readme": "# invert-kv [![Build Status](https://travis-ci.org/sindresorhus/invert-kv.svg?branch=master)](https://travis-ci.org/sindresorhus/invert-kv)\n\n> Invert the key/value of an object. Example: `{foo: 'bar'}` → `{bar: 'foo'}`\n\n\n## Install\n\n```sh\n$ npm install --save invert-kv\n```\n\n\n## Usage\n\n```js\nvar invertKv = require('invert-kv');\n\ninvertKv({foo: 'bar', unicorn: 'rainbow'});\n//=> {bar: 'foo', rainbow: 'unicorn'}\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/invert-kv", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Mapping between standard locale identifiers and Windows locale identifiers (LCID)", + "devDependencies": { + "ava": "0.0.4" + }, + "directories": {}, + "dist": { + "shasum": "308accafa0bc483a3867b4b6f2b9506251d1b835", + "tarball": "http://registry.npmjs.org/lcid/-/lcid-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js", + "lcid.json" + ], + "gitHead": "96bb3e617f77f5f8ceb78653c77de5a85abb3b1e", + "homepage": "https://github.com/sindresorhus/lcid", + "keywords": [ + "lcid", + "locale", + "string", + "str", + "id", + "identifier", + "windows", + "language", + "lang", + "map", + "mapping", + "convert", + "json", + "bcp47", + "ietf", + "tag" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "lcid", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/lcid.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.0", + "readme": "# lcid [![Build Status](https://travis-ci.org/sindresorhus/lcid.svg?branch=master)](https://travis-ci.org/sindresorhus/lcid)\n\n> Mapping between [standard locale identifiers](http://en.wikipedia.org/wiki/Locale) and [Windows locale identifiers (LCID)](http://en.wikipedia.org/wiki/Locale#Specifics_for_Microsoft_platforms)\n\nBased on the [mapping](https://github.com/python/cpython/blob/be2a1a76fa43bb1ea1b3577bb5bdd506a2e90e37/Lib/locale.py#L1395-L1604) used in the Python standard library.\n\nThe mapping itself is just a [JSON file](lcid.json) and can be used wherever.\n\n\n## Install\n\n```\n$ npm install --save lcid\n```\n\n\n## Usage\n\n```js\nvar lcid = require('lcid');\n\nlcid.from(1044);\n//=> 'nb_NO'\n\nlcid.to('nb_NO');\n//=> 1044\n\nlcid.all;\n//=> {'af_ZA': 1078, ...}\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "invert-kv": "^1.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lcid", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Get the system locale", + "devDependencies": { + "ava": "*", + "require-uncached": "^1.0.2", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "20f9f17ae29ed345e8bde583b13d2009803c14d9", + "tarball": "http://registry.npmjs.org/os-locale/-/os-locale-1.4.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "b5c88233910b2e959fe84d841addb7a15e1cc813", + "homepage": "https://github.com/sindresorhus/os-locale", + "keywords": [ + "locale", + "lang", + "language", + "system", + "os", + "string", + "str", + "user", + "country", + "id", + "identifier", + "region" + ], + "license": "MIT", + "maintainers": [ + { + "name": "abg", + "email": "andrewbgoode@gmail.com" + }, + { + "name": "bcoe", + "email": "ben@npmjs.com" + }, + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "os-locale", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/os-locale.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.4.0", + "readme": "# os-locale [![Build Status](https://travis-ci.org/sindresorhus/os-locale.svg?branch=master)](https://travis-ci.org/sindresorhus/os-locale)\n\n> Get the system [locale](http://en.wikipedia.org/wiki/Locale)\n\nUseful for localizing your module or app.\n\nPOSIX systems: The returned locale refers to the [`LC_MESSAGE`](http://www.gnu.org/software/libc/manual/html_node/Locale-Categories.html#Locale-Categories) category, suitable for selecting the language used in the user interface for message translation.\n\n\n## Install\n\n```\n$ npm install --save os-locale\n```\n\n\n## Usage\n\n```js\nvar osLocale = require('os-locale');\n\nosLocale(function (err, locale) {\n\tconsole.log(locale);\n\t//=> 'en_US'\n});\n```\n\n\n## API\n\n### osLocale([options], callback(error, locale))\n\n### osLocale.sync([options])\n\nReturns the locale.\n\n#### options.spawn\n\nType: `boolean` \nDefault: `true`\n\nSet to `false` to avoid spawning subprocesses and instead only resolve the locale from environment variables.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "lcid": "^1.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/os-locale", + "error": "[Circular]", + "extraneous": false + }, + "pkg-conf": { + "_args": [ + [ + "pkg-conf@^1.1.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "pkg-conf@1.1.1", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "pkg-conf@>=1.1.1 <2.0.0", + "_id": "pkg-conf@1.1.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pkg-conf", + "_nodeVersion": "4.2.4", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "3.6.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "pkg-conf@1.1.1", + "name": "pkg-conf", + "escapedName": "pkg-conf", + "rawSpec": "1.1.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.1" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/pkg-conf/-/pkg-conf-1.1.1.tgz", + "_shasum": "a3caee3fb9c23ab4abad3baaea02f0001c75f200", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.1", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/pkg-conf/issues" + }, + "dependencies": { + "find-up": { + "_args": [ + [ + "find-up@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/pkg-conf" + ], + [ + "find-up@1.1.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "find-up@>=1.0.0 <2.0.0", + "_id": "find-up@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/find-up", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "find-up@1.1.0", + "name": "find-up", + "escapedName": "find-up", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/pkg-conf", + "/bundle-dependencies/read-pkg-up" + ], + "_resolved": "https://registry.npmjs.org/find-up/-/find-up-1.1.0.tgz", + "_shasum": "a63b0eec4625a2902534898a5f9eec8aaed046e9", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/find-up/issues" + }, + "dependencies": { + "path-exists": { + "_args": [ + [ + "path-exists@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/find-up" + ], + [ + "path-exists@2.1.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "path-exists@>=2.0.0 <3.0.0", + "_id": "path-exists@2.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/path-exists", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "path-exists@2.1.0", + "name": "path-exists", + "escapedName": "path-exists", + "rawSpec": "2.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/find-up" + ], + "_resolved": "https://registry.npmjs.org/path-exists/-/path-exists-2.1.0.tgz", + "_shasum": "0feb6c64f0fc518d9a754dd5efb62c7022761f4b", + "_shrinkwrap": "[Circular]", + "_spec": "2.1.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/path-exists/issues" + }, + "dependencies": { + "pinkie-promise": { + "_args": [ + [ + "pinkie-promise@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/find-up" + ], + [ + "pinkie-promise@2.0.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "pinkie-promise@>=2.0.0 <3.0.0", + "_id": "pinkie-promise@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pinkie-promise", + "_nodeVersion": "4.2.0", + "_npmUser": { + "email": "floatdrop@gmail.com", + "name": "floatdrop" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "pinkie-promise@2.0.0", + "name": "pinkie-promise", + "escapedName": "pinkie-promise", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/find-up", + "/bundle-dependencies/load-json-file", + "/bundle-dependencies/path-exists", + "/bundle-dependencies/path-type" + ], + "_resolved": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "_shasum": "4c83538de1f6e660c29e0a13446844f7a7e88259", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Vsevolod Strukchinsky", + "email": "floatdrop@gmail.com", + "url": "github.com/floatdrop" + }, + "bugs": { + "url": "https://github.com/floatdrop/pinkie-promise/issues" + }, + "dependencies": {}, + "description": "ES2015 Promise ponyfill", + "devDependencies": { + "mocha": "*" + }, + "directories": {}, + "dist": { + "shasum": "4c83538de1f6e660c29e0a13446844f7a7e88259", + "tarball": "http://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "f90fcae9838bcae7ae1ae4ebc9b29f11e5db4980", + "homepage": "https://github.com/floatdrop/pinkie-promise", + "keywords": [ + "promise", + "promises", + "es2015", + "es6", + "polyfill", + "ponyfill" + ], + "license": "MIT", + "maintainers": [ + { + "name": "floatdrop", + "email": "floatdrop@gmail.com" + } + ], + "name": "pinkie-promise", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/floatdrop/pinkie-promise.git" + }, + "scripts": { + "test": "mocha" + }, + "version": "2.0.0", + "readme": "# pinkie-promise [![Build Status](https://travis-ci.org/floatdrop/pinkie-promise.svg?branch=master)](https://travis-ci.org/floatdrop/pinkie-promise)\n\n> [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) ponyfill\n\nModule exports global Promise object (if available) or [`pinkie`](http://github.com/floatdrop/pinkie) Promise polyfill.\n\n## Install\n\n```\n$ npm install --save pinkie-promise\n```\n\n## Usage\n\n```js\nvar Promise = require('pinkie-promise');\n\nnew Promise(function (resolve) { resolve('unicorns'); });\n//=> Promise { 'unicorns' }\n```\n\n## Related\n\n- [pify](https://github.com/sindresorhus/pify) - Promisify a callback-style function\n\n## License\n\nMIT © [Vsevolod Strukchinsky](http://github.com/floatdrop)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/pinkie-promise" + } + }, + "description": "Check if a path exists", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "0feb6c64f0fc518d9a754dd5efb62c7022761f4b", + "tarball": "http://registry.npmjs.org/path-exists/-/path-exists-2.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "3af423661e78466764f87c5712263c5d7a1ce5b7", + "homepage": "https://github.com/sindresorhus/path-exists", + "keywords": [ + "path", + "exists", + "exist", + "file", + "filepath", + "fs", + "filesystem", + "file-system", + "access", + "stat" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "path-exists", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/path-exists.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "2.1.0", + "readme": "# path-exists [![Build Status](https://travis-ci.org/sindresorhus/path-exists.svg?branch=master)](https://travis-ci.org/sindresorhus/path-exists)\n\n> Check if a path exists\n\nBecause [`fs.exists()`](https://nodejs.org/api/fs.html#fs_fs_exists_path_callback) is being [deprecated](https://github.com/iojs/io.js/issues/103), but there's still a genuine use-case of being able to check if a path exists for other purposes than doing IO with it.\n\nNever use this before handling a file though:\n\n> In particular, checking if a file exists before opening it is an anti-pattern that leaves you vulnerable to race conditions: another process may remove the file between the calls to `fs.exists()` and `fs.open()`. Just open the file and handle the error when it's not there.\n\n\n## Install\n\n```\n$ npm install --save path-exists\n```\n\n\n## Usage\n\n```js\n// foo.js\nvar pathExists = require('path-exists');\n\npathExists('foo.js').then(function (exists) {\n\tconsole.log(exists);\n\t//=> true\n});\n```\n\n\n## API\n\n### pathExists(path)\n\nReturns a promise that resolves to a boolean of whether the path exists.\n\n### pathExists.sync(path)\n\nReturns a boolean of whether the path exists.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "pinkie-promise": "^2.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-exists", + "error": "[Circular]", + "extraneous": false + }, + "pinkie-promise": { + "_args": "[Circular]", + "_from": "pinkie-promise@>=2.0.0 <3.0.0", + "_id": "pinkie-promise@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pinkie-promise", + "_nodeVersion": "4.2.0", + "_npmUser": "[Circular]", + "_npmVersion": "2.14.7", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "pinkie-promise@2.0.0", + "name": "pinkie-promise", + "escapedName": "pinkie-promise", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "_shasum": "4c83538de1f6e660c29e0a13446844f7a7e88259", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": { + "pinkie": { + "_args": [ + [ + "pinkie@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/pinkie-promise" + ], + [ + "pinkie@2.0.4", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "pinkie@>=2.0.0 <3.0.0", + "_id": "pinkie@2.0.4", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pinkie", + "_nodeVersion": "4.2.4", + "_npmUser": { + "email": "floatdrop@gmail.com", + "name": "floatdrop" + }, + "_npmVersion": "2.14.12", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "pinkie@2.0.4", + "name": "pinkie", + "escapedName": "pinkie", + "rawSpec": "2.0.4", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.4" + }, + "_requiredBy": [ + "/bundle-dependencies/pinkie-promise" + ], + "_resolved": "https://registry.npmjs.org/pinkie/-/pinkie-2.0.4.tgz", + "_shasum": "72556b80cfa0d48a974e80e77248e80ed4f7f870", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.4", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Vsevolod Strukchinsky", + "email": "floatdrop@gmail.com", + "url": "github.com/floatdrop" + }, + "bugs": { + "url": "https://github.com/floatdrop/pinkie/issues" + }, + "dependencies": {}, + "description": "Itty bitty little widdle twinkie pinkie ES2015 Promise implementation", + "devDependencies": { + "core-assert": "^0.1.1", + "coveralls": "^2.11.4", + "mocha": "*", + "nyc": "^3.2.2", + "promises-aplus-tests": "*", + "xo": "^0.10.1" + }, + "directories": {}, + "dist": { + "shasum": "72556b80cfa0d48a974e80e77248e80ed4f7f870", + "tarball": "http://registry.npmjs.org/pinkie/-/pinkie-2.0.4.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "8d4a92447a5c62bff9f89756caeb4c9c8770579b", + "homepage": "https://github.com/floatdrop/pinkie", + "keywords": [ + "promise", + "promises", + "es2015", + "es6" + ], + "license": "MIT", + "maintainers": [ + { + "name": "floatdrop", + "email": "floatdrop@gmail.com" + } + ], + "name": "pinkie", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/floatdrop/pinkie.git" + }, + "scripts": { + "coverage": "nyc report --reporter=text-lcov | coveralls", + "test": "xo && nyc mocha" + }, + "version": "2.0.4", + "readme": "

\n\t
\n\t\"pinkie\"\n\t
\n\t
\n

\n\n> Itty bitty little widdle twinkie pinkie [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) implementation\n\n[![Build Status](https://travis-ci.org/floatdrop/pinkie.svg?branch=master)](https://travis-ci.org/floatdrop/pinkie) [![Coverage Status](https://coveralls.io/repos/floatdrop/pinkie/badge.svg?branch=master&service=github)](https://coveralls.io/github/floatdrop/pinkie?branch=master)\n\nThere are [tons of Promise implementations](https://github.com/promises-aplus/promises-spec/blob/master/implementations.md#standalone) out there, but all of them focus on browser compatibility and are often bloated with functionality.\n\nThis module is an exact Promise specification polyfill (like [native-promise-only](https://github.com/getify/native-promise-only)), but in Node.js land (it should be browserify-able though).\n\n\n## Install\n\n```\n$ npm install --save pinkie\n```\n\n\n## Usage\n\n```js\nvar fs = require('fs');\nvar Promise = require('pinkie');\n\nnew Promise(function (resolve, reject) {\n\tfs.readFile('foo.json', 'utf8', function (err, data) {\n\t\tif (err) {\n\t\t\treject(err);\n\t\t\treturn;\n\t\t}\n\n\t\tresolve(data);\n\t});\n});\n//=> Promise\n```\n\n\n### API\n\n`pinkie` exports bare [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) implementation and polyfills [Node.js rejection events](https://nodejs.org/api/process.html#process_event_unhandledrejection). In case you forgot:\n\n#### new Promise(executor)\n\nReturns new instance of `Promise`.\n\n##### executor\n\n*Required* \nType: `function`\n\nFunction with two arguments `resolve` and `reject`. The first argument fulfills the promise, the second argument rejects it.\n\n#### pinkie.all(promises)\n\nReturns a promise that resolves when all of the promises in the `promises` Array argument have resolved.\n\n#### pinkie.race(promises)\n\nReturns a promise that resolves or rejects as soon as one of the promises in the `promises` Array resolves or rejects, with the value or reason from that promise.\n\n#### pinkie.reject(reason)\n\nReturns a Promise object that is rejected with the given `reason`.\n\n#### pinkie.resolve(value)\n\nReturns a Promise object that is resolved with the given `value`. If the `value` is a thenable (i.e. has a then method), the returned promise will \"follow\" that thenable, adopting its eventual state; otherwise the returned promise will be fulfilled with the `value`.\n\n\n## Related\n\n- [pinkie-promise](https://github.com/floatdrop/pinkie-promise) - Returns the native Promise or this module\n\n\n## License\n\nMIT © [Vsevolod Strukchinsky](http://github.com/floatdrop)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "ES2015 Promise ponyfill", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "f90fcae9838bcae7ae1ae4ebc9b29f11e5db4980", + "homepage": "https://github.com/floatdrop/pinkie-promise", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "pinkie-promise", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "2.0.0", + "readme": "# pinkie-promise [![Build Status](https://travis-ci.org/floatdrop/pinkie-promise.svg?branch=master)](https://travis-ci.org/floatdrop/pinkie-promise)\n\n> [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) ponyfill\n\nModule exports global Promise object (if available) or [`pinkie`](http://github.com/floatdrop/pinkie) Promise polyfill.\n\n## Install\n\n```\n$ npm install --save pinkie-promise\n```\n\n## Usage\n\n```js\nvar Promise = require('pinkie-promise');\n\nnew Promise(function (resolve) { resolve('unicorns'); });\n//=> Promise { 'unicorns' }\n```\n\n## Related\n\n- [pify](https://github.com/sindresorhus/pify) - Promisify a callback-style function\n\n## License\n\nMIT © [Vsevolod Strukchinsky](http://github.com/floatdrop)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Find a file by walking up parent directories", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "a63b0eec4625a2902534898a5f9eec8aaed046e9", + "tarball": "http://registry.npmjs.org/find-up/-/find-up-1.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "06e9dae73659ddf2421440ca4695161c38d7d2fb", + "homepage": "https://github.com/sindresorhus/find-up", + "keywords": [ + "find", + "up", + "find-up", + "findup", + "look-up", + "look", + "file", + "search", + "match", + "package", + "resolve", + "parent", + "parents", + "folder", + "directory", + "dir", + "walk", + "walking", + "path" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "find-up", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/find-up.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.0", + "readme": "# find-up [![Build Status](https://travis-ci.org/sindresorhus/find-up.svg?branch=master)](https://travis-ci.org/sindresorhus/find-up)\n\n> Find a file by walking up parent directories\n\n\n## Install\n\n```\n$ npm install --save find-up\n```\n\n\n## Usage\n\n```\n/\n└── Users\n └── sindresorhus\n ├── unicorn.png\n └── foo\n └── bar\n ├── baz\n └── example.js\n```\n\n```js\n// example.js\nvar findUp = require('find-up');\n\nfindUp('unicorn.png').then(function (filepath) {\n\tconsole.log(filepath);\n\t//=> '/Users/sindresorhus/unicorn.png'\n});\n```\n\n\n## API\n\n### findUp(filename, [options])\n\nReturns a promise that resolves to a filepath or `null`.\n\n### findUp.sync(filename, [options])\n\nReturns a filepath or `null`.\n\n#### filename\n\nType: `string`\n\nFilename of the file to find.\n\n#### options\n\n##### cwd\n\nType: `string` \nDefault: `process.cwd()`\n\nDirectory to start from.\n\n\n## Related\n\n- [find-up-cli](https://github.com/sindresorhus/find-up-cli) - CLI for this module\n- [pkg-up](https://github.com/sindresorhus/pkg-up) - Find the closest package.json file\n- [pkg-dir](https://github.com/sindresorhus/pkg-dir) - Find the root directory of a npm package\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "error": "[Circular]", + "extraneous": false + }, + "object-assign": { + "_args": [ + [ + "object-assign@^4.0.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/pkg-conf" + ], + [ + "object-assign@4.0.1", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "object-assign@>=4.0.1 <5.0.0", + "_id": "object-assign@4.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/object-assign", + "_nodeVersion": "3.0.0", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.13.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "object-assign@4.0.1", + "name": "object-assign", + "escapedName": "object-assign", + "rawSpec": "4.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "4.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/pkg-conf" + ], + "_resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.0.1.tgz", + "_shasum": "99504456c3598b5cad4fc59c26e8a9bb107fe0bd", + "_shrinkwrap": "[Circular]", + "_spec": "4.0.1", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "http://sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/object-assign/issues" + }, + "dependencies": {}, + "description": "ES6 Object.assign() ponyfill", + "devDependencies": { + "lodash": "^3.10.1", + "matcha": "^0.6.0", + "mocha": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "99504456c3598b5cad4fc59c26e8a9bb107fe0bd", + "tarball": "http://registry.npmjs.org/object-assign/-/object-assign-4.0.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "b0c40d37cbc43e89ad3326a9bad4c6b3133ba6d3", + "homepage": "https://github.com/sindresorhus/object-assign#readme", + "keywords": [ + "object", + "assign", + "extend", + "properties", + "es6", + "ecmascript", + "harmony", + "ponyfill", + "prollyfill", + "polyfill", + "shim", + "browser" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "object-assign", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/object-assign.git" + }, + "scripts": { + "bench": "matcha bench.js", + "test": "xo && mocha" + }, + "version": "4.0.1", + "xo": { + "envs": [ + "node", + "mocha" + ] + }, + "readme": "# object-assign [![Build Status](https://travis-ci.org/sindresorhus/object-assign.svg?branch=master)](https://travis-ci.org/sindresorhus/object-assign)\n\n> ES6 [`Object.assign()`](http://www.2ality.com/2014/01/object-assign.html) ponyfill\n\n> Ponyfill: A polyfill that doesn't overwrite the native method\n\n\n## Install\n\n```sh\n$ npm install --save object-assign\n```\n\n\n## Usage\n\n```js\nvar objectAssign = require('object-assign');\n\nobjectAssign({foo: 0}, {bar: 1});\n//=> {foo: 0, bar: 1}\n\n// multiple sources\nobjectAssign({foo: 0}, {bar: 1}, {baz: 2});\n//=> {foo: 0, bar: 1, baz: 2}\n\n// overwrites equal keys\nobjectAssign({foo: 0}, {foo: 1}, {foo: 2});\n//=> {foo: 2}\n\n// ignores null and undefined sources\nobjectAssign({foo: 0}, null, {bar: 1}, undefined);\n//=> {foo: 0, bar: 1}\n```\n\n\n## API\n\n### objectAssign(target, source, [source, ...])\n\nAssigns enumerable own properties of `source` objects to the `target` object and returns the `target` object. Additional `source` objects will overwrite previous ones.\n\n\n## Resources\n\n- [ES6 spec - Object.assign](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-object.assign)\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/object-assign", + "error": "[Circular]", + "extraneous": false + }, + "read-pkg": { + "_args": [ + [ + "read-pkg@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/pkg-conf" + ], + [ + "read-pkg@1.1.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "read-pkg@>=1.0.0 <2.0.0", + "_id": "read-pkg@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/read-pkg", + "_nodeVersion": "3.0.0", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.13.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "read-pkg@1.1.0", + "name": "read-pkg", + "escapedName": "read-pkg", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/pkg-conf", + "/bundle-dependencies/read-pkg-up" + ], + "_resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz", + "_shasum": "f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/read-pkg/issues" + }, + "dependencies": { + "load-json-file": { + "_args": [ + [ + "load-json-file@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/read-pkg" + ], + [ + "load-json-file@1.1.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "load-json-file@>=1.0.0 <2.0.0", + "_id": "load-json-file@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/load-json-file", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "load-json-file@1.1.0", + "name": "load-json-file", + "escapedName": "load-json-file", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/read-pkg" + ], + "_resolved": "https://registry.npmjs.org/load-json-file/-/load-json-file-1.1.0.tgz", + "_shasum": "956905708d58b4bab4c2261b04f59f31c99374c0", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/load-json-file/issues" + }, + "dependencies": { + "graceful-fs": { + "_args": [ + [ + "graceful-fs@^4.1.2", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/load-json-file" + ], + [ + "graceful-fs@4.1.3", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "graceful-fs@>=4.1.2 <5.0.0", + "_id": "graceful-fs@4.1.3", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/graceful-fs", + "_nodeVersion": "4.0.0", + "_npmOperationalInternal": { + "host": "packages-6-west.internal.npmjs.com", + "tmp": "tmp/graceful-fs-4.1.3.tgz_1454449326495_0.943017533281818" + }, + "_npmUser": { + "email": "i@izs.me", + "name": "isaacs" + }, + "_npmVersion": "3.7.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "graceful-fs@4.1.3", + "name": "graceful-fs", + "escapedName": "graceful-fs", + "rawSpec": "4.1.3", + "saveSpec": "[Circular]", + "fetchSpec": "4.1.3" + }, + "_requiredBy": [ + "/bundle-dependencies/load-json-file", + "/bundle-dependencies/path-type" + ], + "_resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.3.tgz", + "_shasum": "92033ce11113c41e2628d61fdfa40bc10dc0155c", + "_shrinkwrap": "[Circular]", + "_spec": "4.1.3", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "bugs": { + "url": "https://github.com/isaacs/node-graceful-fs/issues" + }, + "dependencies": {}, + "description": "A drop-in replacement for fs, making various improvements.", + "devDependencies": { + "mkdirp": "^0.5.0", + "rimraf": "^2.2.8", + "tap": "^5.4.2" + }, + "directories": { + "test": "test" + }, + "dist": { + "shasum": "92033ce11113c41e2628d61fdfa40bc10dc0155c", + "tarball": "http://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.3.tgz" + }, + "engines": { + "node": ">=0.4.0" + }, + "files": [ + "fs.js", + "graceful-fs.js", + "legacy-streams.js", + "polyfills.js" + ], + "gitHead": "694c56f3aed4aee62d6df169be123d3984f61b85", + "homepage": "https://github.com/isaacs/node-graceful-fs#readme", + "keywords": [ + "fs", + "module", + "reading", + "retry", + "retries", + "queue", + "error", + "errors", + "handling", + "EMFILE", + "EAGAIN", + "EINVAL", + "EPERM", + "EACCESS" + ], + "license": "ISC", + "main": "graceful-fs.js", + "maintainers": [ + { + "name": "isaacs", + "email": "i@izs.me" + } + ], + "name": "graceful-fs", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/node-graceful-fs.git" + }, + "scripts": { + "test": "node test.js | tap -" + }, + "version": "4.1.3", + "readme": "# graceful-fs\n\ngraceful-fs functions as a drop-in replacement for the fs module,\nmaking various improvements.\n\nThe improvements are meant to normalize behavior across different\nplatforms and environments, and to make filesystem access more\nresilient to errors.\n\n## Improvements over [fs module](http://api.nodejs.org/fs.html)\n\ngraceful-fs:\n\n* Queues up `open` and `readdir` calls, and retries them once\n something closes if there is an EMFILE error from too many file\n descriptors.\n* fixes `lchmod` for Node versions prior to 0.6.2.\n* implements `fs.lutimes` if possible. Otherwise it becomes a noop.\n* ignores `EINVAL` and `EPERM` errors in `chown`, `fchown` or\n `lchown` if the user isn't root.\n* makes `lchmod` and `lchown` become noops, if not available.\n* retries reading a file if `read` results in EAGAIN error.\n\nOn Windows, it retries renaming a file for up to one second if `EACCESS`\nor `EPERM` error occurs, likely because antivirus software has locked\nthe directory.\n\n## USAGE\n\n```javascript\n// use just like fs\nvar fs = require('graceful-fs')\n\n// now go and do stuff with it...\nfs.readFileSync('some-file-or-whatever')\n```\n\n## Global Patching\n\nIf you want to patch the global fs module (or any other fs-like\nmodule) you can do this:\n\n```javascript\n// Make sure to read the caveat below.\nvar realFs = require('fs')\nvar gracefulFs = require('graceful-fs')\ngracefulFs.gracefulify(realFs)\n```\n\nThis should only ever be done at the top-level application layer, in\norder to delay on EMFILE errors from any fs-using dependencies. You\nshould **not** do this in a library, because it can cause unexpected\ndelays in other parts of the program.\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "error": "[Circular]", + "extraneous": false + }, + "parse-json": { + "_args": [ + [ + "parse-json@^2.2.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/load-json-file" + ], + [ + "parse-json@2.2.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "parse-json@>=2.2.0 <3.0.0", + "_id": "parse-json@2.2.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/parse-json", + "_nodeVersion": "0.12.7", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "parse-json@2.2.0", + "name": "parse-json", + "escapedName": "parse-json", + "rawSpec": "2.2.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.2.0" + }, + "_requiredBy": [ + "/bundle-dependencies/load-json-file" + ], + "_resolved": "https://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz", + "_shasum": "f480f40434ef80741f8469099f8dea18f55a4dc9", + "_shrinkwrap": "[Circular]", + "_spec": "2.2.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/parse-json/issues" + }, + "dependencies": { + "error-ex": { + "_args": [ + [ + "error-ex@^1.2.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/parse-json" + ], + [ + "error-ex@1.3.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "error-ex@>=1.2.0 <2.0.0", + "_id": "error-ex@1.3.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/error-ex", + "_nodeVersion": "4.1.1", + "_npmUser": { + "email": "i.am.qix@gmail.com", + "name": "qix" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "error-ex@1.3.0", + "name": "error-ex", + "escapedName": "error-ex", + "rawSpec": "1.3.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.3.0" + }, + "_requiredBy": [ + "/bundle-dependencies/parse-json" + ], + "_resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.0.tgz", + "_shasum": "e67b43f3e82c96ea3a584ffee0b9fc3325d802d9", + "_shrinkwrap": "[Circular]", + "_spec": "1.3.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "bugs": { + "url": "https://github.com/qix-/node-error-ex/issues" + }, + "dependencies": { + "is-arrayish": { + "_args": [ + [ + "is-arrayish@^0.2.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/error-ex" + ], + [ + "is-arrayish@0.2.1", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "is-arrayish@>=0.2.1 <0.3.0", + "_id": "is-arrayish@0.2.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/is-arrayish", + "_nodeVersion": "0.12.7", + "_npmUser": { + "email": "i.am.qix@gmail.com", + "name": "qix" + }, + "_npmVersion": "3.2.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "is-arrayish@0.2.1", + "name": "is-arrayish", + "escapedName": "is-arrayish", + "rawSpec": "0.2.1", + "saveSpec": "[Circular]", + "fetchSpec": "0.2.1" + }, + "_requiredBy": [ + "/bundle-dependencies/error-ex" + ], + "_resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "_shasum": "77c99840527aa8ecb1a8ba697b80645a7a926a9d", + "_shrinkwrap": "[Circular]", + "_spec": "0.2.1", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Qix", + "url": "http://github.com/qix-" + }, + "bugs": { + "url": "https://github.com/qix-/node-is-arrayish/issues" + }, + "dependencies": {}, + "description": "Determines if an object can be used as an array", + "devDependencies": { + "coffee-script": "^1.9.3", + "coveralls": "^2.11.2", + "istanbul": "^0.3.17", + "mocha": "^2.2.5", + "should": "^7.0.1", + "xo": "^0.6.1" + }, + "directories": {}, + "dist": { + "shasum": "77c99840527aa8ecb1a8ba697b80645a7a926a9d", + "tarball": "http://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz" + }, + "gitHead": "53f22aa6ce557d7d31a3d1152a590a2df220df9d", + "homepage": "https://github.com/qix-/node-is-arrayish#readme", + "keywords": [ + "is", + "array", + "duck", + "type", + "arrayish", + "similar", + "proto", + "prototype", + "type" + ], + "license": "MIT", + "maintainers": [ + { + "name": "qix", + "email": "i.am.qix@gmail.com" + } + ], + "name": "is-arrayish", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/qix-/node-is-arrayish.git" + }, + "scripts": { + "pretest": "xo", + "test": "mocha --compilers coffee:coffee-script/register" + }, + "version": "0.2.1", + "readme": "# node-is-arrayish [![Travis-CI.org Build Status](https://img.shields.io/travis/Qix-/node-is-arrayish.svg?style=flat-square)](https://travis-ci.org/Qix-/node-is-arrayish) [![Coveralls.io Coverage Rating](https://img.shields.io/coveralls/Qix-/node-is-arrayish.svg?style=flat-square)](https://coveralls.io/r/Qix-/node-is-arrayish)\n> Determines if an object can be used like an Array\n\n## Example\n```javascript\nvar isArrayish = require('is-arrayish');\n\nisArrayish([]); // true\nisArrayish({__proto__: []}); // true\nisArrayish({}); // false\nisArrayish({length:10}); // false\n```\n\n## License\nLicensed under the [MIT License](http://opensource.org/licenses/MIT).\nYou can find a copy of it in [LICENSE](LICENSE).\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-arrayish", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Easy error subclassing and stack customization", + "devDependencies": { + "coffee-script": "^1.9.3", + "coveralls": "^2.11.2", + "istanbul": "^0.3.17", + "mocha": "^2.2.5", + "should": "^7.0.1", + "xo": "^0.7.1" + }, + "directories": {}, + "dist": { + "shasum": "e67b43f3e82c96ea3a584ffee0b9fc3325d802d9", + "tarball": "http://registry.npmjs.org/error-ex/-/error-ex-1.3.0.tgz" + }, + "files": [ + "index.js" + ], + "gitHead": "118bb63206f736f2450480e73f9d7d22692ae328", + "homepage": "https://github.com/qix-/node-error-ex#readme", + "keywords": [ + "error", + "errors", + "extend", + "extending", + "extension", + "subclass", + "stack", + "custom" + ], + "license": "MIT", + "maintainers": [ + { + "name": "qix", + "email": "i.am.qix@gmail.com" + }, + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "error-ex", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/qix-/node-error-ex.git" + }, + "scripts": { + "pretest": "xo", + "test": "mocha --compilers coffee:coffee-script/register" + }, + "version": "1.3.0", + "xo": { + "rules": { + "operator-linebreak": [ + 0 + ] + } + }, + "readme": "# node-error-ex [![Travis-CI.org Build Status](https://img.shields.io/travis/Qix-/node-error-ex.svg?style=flat-square)](https://travis-ci.org/Qix-/node-error-ex) [![Coveralls.io Coverage Rating](https://img.shields.io/coveralls/Qix-/node-error-ex.svg?style=flat-square)](https://coveralls.io/r/Qix-/node-error-ex)\n> Easily subclass and customize new Error types\n\n## Examples\nTo include in your project:\n```javascript\nvar errorEx = require('error-ex');\n```\n\nTo create an error message type with a specific name (note, that `ErrorFn.name`\nwill not reflect this):\n```javascript\nvar JSONError = errorEx('JSONError');\n\nvar err = new JSONError('error');\nerr.name; //-> JSONError\nthrow err; //-> JSONError: error\n```\n\nTo add a stack line:\n```javascript\nvar JSONError = errorEx('JSONError', {fileName: errorEx.line('in %s')});\n\nvar err = new JSONError('error')\nerr.fileName = '/a/b/c/foo.json';\nthrow err; //-> (line 2)-> in /a/b/c/foo.json\n```\n\nTo append to the error message:\n```javascript\nvar JSONError = errorEx('JSONError', {fileName: errorEx.append('in %s')});\n\nvar err = new JSONError('error');\nerr.fileName = '/a/b/c/foo.json';\nthrow err; //-> JSONError: error in /a/b/c/foo.json\n```\n\n## API\n\n#### `errorEx([name], [properties])`\nCreates a new ErrorEx error type\n\n- `name`: the name of the new type (appears in the error message upon throw;\n defaults to `Error.name`)\n- `properties`: if supplied, used as a key/value dictionary of properties to\n use when building up the stack message. Keys are property names that are\n looked up on the error message, and then passed to function values.\n\t- `line`: if specified and is a function, return value is added as a stack\n entry (error-ex will indent for you). Passed the property value given\n the key.\n - `stack`: if specified and is a function, passed the value of the property\n using the key, and the raw stack lines as a second argument. Takes no\n return value (but the stack can be modified directly).\n - `message`: if specified and is a function, return value is used as new\n `.message` value upon get. Passed the property value of the property named\n by key, and the existing message is passed as the second argument as an\n array of lines (suitable for multi-line messages).\n\nReturns a constructor (Function) that can be used just like the regular Error\nconstructor.\n\n```javascript\nvar errorEx = require('error-ex');\n\nvar BasicError = errorEx();\n\nvar NamedError = errorEx('NamedError');\n\n// --\n\nvar AdvancedError = errorEx('AdvancedError', {\n\tfoo: {\n\t\tline: function (value, stack) {\n\t\t\tif (value) {\n\t\t\t\treturn 'bar ' + value;\n\t\t\t}\n\t\t\treturn null;\n\t\t}\n\t}\n}\n\nvar err = new AdvancedError('hello, world');\nerr.foo = 'baz';\nthrow err;\n\n/*\n\tAdvancedError: hello, world\n\t bar baz\n\t at tryReadme() (readme.js:20:1)\n*/\n```\n\n#### `errorEx.line(str)`\nCreates a stack line using a delimiter\n\n> This is a helper function. It is to be used in lieu of writing a value object\n> for `properties` values.\n\n- `str`: The string to create\n - Use the delimiter `%s` to specify where in the string the value should go\n\n```javascript\nvar errorEx = require('error-ex');\n\nvar FileError = errorEx('FileError', {fileName: errorEx.line('in %s')});\n\nvar err = new FileError('problem reading file');\nerr.fileName = '/a/b/c/d/foo.js';\nthrow err;\n\n/*\n\tFileError: problem reading file\n\t in /a/b/c/d/foo.js\n\t at tryReadme() (readme.js:7:1)\n*/\n```\n\n#### `errorEx.append(str)`\nAppends to the `error.message` string\n\n> This is a helper function. It is to be used in lieu of writing a value object\n> for `properties` values.\n\n- `str`: The string to append\n - Use the delimiter `%s` to specify where in the string the value should go\n\n```javascript\nvar errorEx = require('error-ex');\n\nvar SyntaxError = errorEx('SyntaxError', {fileName: errorEx.append('in %s')});\n\nvar err = new SyntaxError('improper indentation');\nerr.fileName = '/a/b/c/d/foo.js';\nthrow err;\n\n/*\n\tSyntaxError: improper indentation in /a/b/c/d/foo.js\n\t at tryReadme() (readme.js:7:1)\n*/\n```\n\n## License\nLicensed under the [MIT License](http://opensource.org/licenses/MIT).\nYou can find a copy of it in [LICENSE](LICENSE).\n", + "readmeFilename": "README.md", + "_dependencies": { + "is-arrayish": "^0.2.1" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/error-ex", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Parse JSON with more helpful errors", + "devDependencies": { + "ava": "0.0.4", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "f480f40434ef80741f8469099f8dea18f55a4dc9", + "tarball": "http://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js", + "vendor" + ], + "gitHead": "419b0cbb83e67af53f9fd3f7ff98605ea2020eb6", + "homepage": "https://github.com/sindresorhus/parse-json", + "keywords": [ + "parse", + "json", + "graceful", + "error", + "message", + "humanize", + "friendly", + "helpful", + "string", + "str" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "parse-json", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/parse-json.git" + }, + "scripts": { + "test": "xo && node test.js" + }, + "version": "2.2.0", + "xo": { + "ignores": [ + "vendor/**" + ] + }, + "readme": "# parse-json [![Build Status](https://travis-ci.org/sindresorhus/parse-json.svg?branch=master)](https://travis-ci.org/sindresorhus/parse-json)\n\n> Parse JSON with more helpful errors\n\n\n## Install\n\n```\n$ npm install --save parse-json\n```\n\n\n## Usage\n\n```js\nvar parseJson = require('parse-json');\nvar json = '{\\n\\t\"foo\": true,\\n}';\n\n\nJSON.parse(json);\n/*\nundefined:3\n}\n^\nSyntaxError: Unexpected token }\n*/\n\n\nparseJson(json);\n/*\nJSONError: Trailing comma in object at 3:1\n}\n^\n*/\n\n\nparseJson(json, 'foo.json');\n/*\nJSONError: Trailing comma in object at 3:1 in foo.json\n}\n^\n*/\n\n\n// you can also add the filename at a later point\ntry {\n\tparseJson(json);\n} catch (err) {\n\terr.fileName = 'foo.json';\n\tthrow err;\n}\n/*\nJSONError: Trailing comma in object at 3:1 in foo.json\n}\n^\n*/\n```\n\n## API\n\n### parseJson(input, [reviver], [filename])\n\n#### input\n\nType: `string`\n\n#### reviver\n\nType: `function`\n\nPrescribes how the value originally produced by parsing is transformed, before being returned. See [`JSON.parse` docs](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse#Using_the_reviver_parameter\n) for more.\n\n#### filename\n\nType: `string`\n\nFilename displayed in the error message.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "error-ex": "^1.2.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/parse-json", + "error": "[Circular]", + "extraneous": false + }, + "pify": { + "_args": [ + [ + "pify@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/load-json-file" + ], + [ + "pify@2.3.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "pify@>=2.0.0 <3.0.0", + "_id": "pify@2.3.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pify", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "pify@2.3.0", + "name": "pify", + "escapedName": "pify", + "rawSpec": "2.3.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.3.0" + }, + "_requiredBy": [ + "/bundle-dependencies/load-json-file", + "/bundle-dependencies/path-type" + ], + "_resolved": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "_shasum": "ed141a6ac043a849ea588498e7dca8b15330e90c", + "_shrinkwrap": "[Circular]", + "_spec": "2.3.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/pify/issues" + }, + "dependencies": {}, + "description": "Promisify a callback-style function", + "devDependencies": { + "ava": "*", + "pinkie-promise": "^1.0.0", + "v8-natives": "0.0.2", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "ed141a6ac043a849ea588498e7dca8b15330e90c", + "tarball": "http://registry.npmjs.org/pify/-/pify-2.3.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "2dd0d8b880e4ebcc5cc33ae126b02647418e4440", + "homepage": "https://github.com/sindresorhus/pify", + "keywords": [ + "promise", + "promises", + "promisify", + "denodify", + "denodeify", + "callback", + "cb", + "node", + "then", + "thenify", + "convert", + "transform", + "wrap", + "wrapper", + "bind", + "to", + "async", + "es2015" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "pify", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/pify.git" + }, + "scripts": { + "optimization-test": "node --allow-natives-syntax optimization-test.js", + "test": "xo && ava && npm run optimization-test" + }, + "version": "2.3.0", + "readme": "# pify [![Build Status](https://travis-ci.org/sindresorhus/pify.svg?branch=master)](https://travis-ci.org/sindresorhus/pify)\n\n> Promisify a callback-style function\n\n\n## Install\n\n```\n$ npm install --save pify\n```\n\n\n## Usage\n\n```js\nconst fs = require('fs');\nconst pify = require('pify');\n\n// promisify a single function\n\npify(fs.readFile)('package.json', 'utf8').then(data => {\n\tconsole.log(JSON.parse(data).name);\n\t//=> 'pify'\n});\n\n// or promisify all methods in a module\n\npify(fs).readFile('package.json', 'utf8').then(data => {\n\tconsole.log(JSON.parse(data).name);\n\t//=> 'pify'\n});\n```\n\n\n## API\n\n### pify(input, [promiseModule], [options])\n\nReturns a promise wrapped version of the supplied function or module.\n\n#### input\n\nType: `function`, `object`\n\nCallback-style function or module whose methods you want to promisify.\n\n#### promiseModule\n\nType: `function`\n\nCustom promise module to use instead of the native one.\n\nCheck out [`pinkie-promise`](https://github.com/floatdrop/pinkie-promise) if you need a tiny promise polyfill.\n\n#### options\n\n##### multiArgs\n\nType: `boolean` \nDefault: `false`\n\nBy default, the promisified function will only return the second argument from the callback, which works fine for most APIs. This option can be useful for modules like `request` that return multiple arguments. Turning this on will make it return an array of all arguments from the callback, excluding the error argument, instead of just the second argument.\n\n```js\nconst request = require('request');\nconst pify = require('pify');\n\npify(request, {multiArgs: true})('https://sindresorhus.com').then(result => {\n\tconst [httpResponse, body] = result;\n});\n```\n\n##### include\n\nType: `array` of (`string`|`regex`)\n\nMethods in a module to promisify. Remaining methods will be left untouched.\n\n##### exclude\n\nType: `array` of (`string`|`regex`) \nDefault: `[/.+Sync$/]`\n\nMethods in a module **not** to promisify. Methods with names ending with `'Sync'` are excluded by default.\n\n##### excludeMain\n\nType: `boolean` \nDefault: `false`\n\nBy default, if given module is a function itself, this function will be promisified. Turn this option on if you want to promisify only methods of the module.\n\n```js\nconst pify = require('pify');\n\nfunction fn() {\n\treturn true;\n}\n\nfn.method = (data, callback) => {\n\tsetImmediate(() => {\n\t\tcallback(data, null);\n\t});\n};\n\n// promisify methods but not fn()\nconst promiseFn = pify(fn, {excludeMain: true});\n\nif (promiseFn()) {\n\tpromiseFn.method('hi').then(data => {\n\t\tconsole.log(data);\n\t});\n}\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "error": "[Circular]", + "extraneous": false + }, + "pinkie-promise": { + "_args": "[Circular]", + "_from": "pinkie-promise@>=2.0.0 <3.0.0", + "_id": "pinkie-promise@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pinkie-promise", + "_nodeVersion": "4.2.0", + "_npmUser": "[Circular]", + "_npmVersion": "2.14.7", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "pinkie-promise@2.0.0", + "name": "pinkie-promise", + "escapedName": "pinkie-promise", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "_shasum": "4c83538de1f6e660c29e0a13446844f7a7e88259", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "ES2015 Promise ponyfill", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "f90fcae9838bcae7ae1ae4ebc9b29f11e5db4980", + "homepage": "https://github.com/floatdrop/pinkie-promise", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "pinkie-promise", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "2.0.0", + "readme": "# pinkie-promise [![Build Status](https://travis-ci.org/floatdrop/pinkie-promise.svg?branch=master)](https://travis-ci.org/floatdrop/pinkie-promise)\n\n> [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) ponyfill\n\nModule exports global Promise object (if available) or [`pinkie`](http://github.com/floatdrop/pinkie) Promise polyfill.\n\n## Install\n\n```\n$ npm install --save pinkie-promise\n```\n\n## Usage\n\n```js\nvar Promise = require('pinkie-promise');\n\nnew Promise(function (resolve) { resolve('unicorns'); });\n//=> Promise { 'unicorns' }\n```\n\n## Related\n\n- [pify](https://github.com/sindresorhus/pify) - Promisify a callback-style function\n\n## License\n\nMIT © [Vsevolod Strukchinsky](http://github.com/floatdrop)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/pinkie-promise" + }, + "strip-bom": { + "_args": [ + [ + "strip-bom@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/load-json-file" + ], + [ + "strip-bom@2.0.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "strip-bom@>=2.0.0 <3.0.0", + "_id": "strip-bom@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/strip-bom", + "_nodeVersion": "0.12.5", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "strip-bom@2.0.0", + "name": "strip-bom", + "escapedName": "strip-bom", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/load-json-file" + ], + "_resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-2.0.0.tgz", + "_shasum": "6219a85616520491f35788bdbf1447a99c7e6b0e", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/strip-bom/issues" + }, + "dependencies": { + "is-utf8": { + "_args": [ + [ + "is-utf8@^0.2.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/strip-bom" + ], + [ + "is-utf8@0.2.1", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "is-utf8@>=0.2.0 <0.3.0", + "_id": "is-utf8@0.2.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/is-utf8", + "_nodeVersion": "2.3.4", + "_npmUser": { + "email": "whyer1@gmail.com", + "name": "wayfind" + }, + "_npmVersion": "2.12.1", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "is-utf8@0.2.1", + "name": "is-utf8", + "escapedName": "is-utf8", + "rawSpec": "0.2.1", + "saveSpec": "[Circular]", + "fetchSpec": "0.2.1" + }, + "_requiredBy": [ + "/bundle-dependencies/strip-bom" + ], + "_resolved": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz", + "_shasum": "4b0da1442104d1b336340e80797e865cf39f7d72", + "_shrinkwrap": "[Circular]", + "_spec": "0.2.1", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "wayfind" + }, + "bugs": { + "url": "https://github.com/wayfind/is-utf8/issues" + }, + "dependencies": {}, + "description": "Detect if a buffer is utf8 encoded.", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "4b0da1442104d1b336340e80797e865cf39f7d72", + "tarball": "http://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz" + }, + "files": [ + "is-utf8.js" + ], + "gitHead": "709df7202f9c3f93cdc2463b352dd80d8de9ce0b", + "homepage": "https://github.com/wayfind/is-utf8#readme", + "keywords": [ + "utf8", + "charset" + ], + "license": "MIT", + "main": "is-utf8.js", + "maintainers": [ + { + "name": "wayfind", + "email": "whyer1@gmail.com" + } + ], + "name": "is-utf8", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/wayfind/is-utf8.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "0.2.1", + "readme": "#utf8 detector\n\nDetect if a Buffer is utf8 encoded. \nIt need The minimum amount of bytes is 4.\n\n\n```javascript\n var fs = require('fs');\n var isUtf8 = require('is-utf8');\n var ansi = fs.readFileSync('ansi.txt');\n var utf8 = fs.readFileSync('utf8.txt');\n \n console.log('ansi.txt is utf8: '+isUtf8(ansi)); //false\n console.log('utf8.txt is utf8: '+isUtf8(utf8)); //true\n```\n \n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-utf8", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Strip UTF-8 byte order mark (BOM) from a string/buffer", + "devDependencies": { + "mocha": "*" + }, + "directories": {}, + "dist": { + "shasum": "6219a85616520491f35788bdbf1447a99c7e6b0e", + "tarball": "http://registry.npmjs.org/strip-bom/-/strip-bom-2.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "851b9c126dba9561cc14ef3dc2634dcc11df4d11", + "homepage": "https://github.com/sindresorhus/strip-bom", + "keywords": [ + "bom", + "strip", + "byte", + "mark", + "unicode", + "utf8", + "utf-8", + "remove", + "delete", + "trim", + "text", + "buffer", + "string" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "strip-bom", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/strip-bom.git" + }, + "scripts": { + "test": "mocha" + }, + "version": "2.0.0", + "readme": "# strip-bom [![Build Status](https://travis-ci.org/sindresorhus/strip-bom.svg?branch=master)](https://travis-ci.org/sindresorhus/strip-bom)\n\n> Strip UTF-8 [byte order mark](http://en.wikipedia.org/wiki/Byte_order_mark#UTF-8) (BOM) from a string/buffer\n\nFrom Wikipedia:\n\n> The Unicode Standard permits the BOM in UTF-8, but does not require nor recommend its use. Byte order has no meaning in UTF-8.\n\n\n## Install\n\n```\n$ npm install --save strip-bom\n```\n\n\n## Usage\n\n```js\nvar fs = require('fs');\nvar stripBom = require('strip-bom');\n\nstripBom('\\uFEFFunicorn');\n//=> 'unicorn'\n\nstripBom(fs.readFileSync('unicorn.txt'));\n//=> 'unicorn'\n```\n\n\n## Related\n\n- [strip-bom-cli](https://github.com/sindresorhus/strip-bom-cli) - CLI for this module\n- [strip-bom-stream](https://github.com/sindresorhus/strip-bom-stream) - Stream version of this module\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "is-utf8": "^0.2.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-bom", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Read and parse a JSON file", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "956905708d58b4bab4c2261b04f59f31c99374c0", + "tarball": "http://registry.npmjs.org/load-json-file/-/load-json-file-1.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "115157a417380d3160da418d4ff25bb33b0051eb", + "homepage": "https://github.com/sindresorhus/load-json-file", + "keywords": [ + "json", + "read", + "parse", + "file", + "fs", + "graceful", + "load" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "load-json-file", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/load-json-file.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.0", + "xo": { + "ignores": [ + "test.js" + ] + }, + "readme": "# load-json-file [![Build Status](https://travis-ci.org/sindresorhus/load-json-file.svg?branch=master)](https://travis-ci.org/sindresorhus/load-json-file)\n\n> Read and parse a JSON file\n\n[Strips UTF-8 BOM](https://github.com/sindresorhus/strip-bom), uses [`graceful-fs`](https://github.com/isaacs/node-graceful-fs), and throws more [helpful JSON errors](https://github.com/sindresorhus/parse-json).\n\n\n## Install\n\n```\n$ npm install --save load-json-file\n```\n\n\n## Usage\n\n```js\nconst loadJsonFile = require('load-json-file');\n\nloadJsonFile('foo.json').then(json => {\n\tconsole.log(json);\n\t//=> {foo: true}\n});\n```\n\n\n## API\n\n### loadJsonFile(filepath)\n\nReturns a promise that resolves to the parsed JSON.\n\n### loadJsonFile.sync(filepath)\n\nReturns the parsed JSON.\n\n\n## Related\n\n- [write-json-file](https://github.com/sindresorhus/write-json-file) - Stringify and write JSON to a file atomically\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/load-json-file", + "error": "[Circular]", + "extraneous": false + }, + "normalize-package-data": { + "_args": [ + [ + "normalize-package-data@^2.3.2", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/read-pkg" + ], + [ + "normalize-package-data@2.3.5", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "normalize-package-data@>=2.3.2 <3.0.0", + "_id": "normalize-package-data@2.3.5", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/normalize-package-data", + "_nodeVersion": "5.0.0", + "_npmUser": { + "email": "me@re-becca.org", + "name": "iarna" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "normalize-package-data@2.3.5", + "name": "normalize-package-data", + "escapedName": "normalize-package-data", + "rawSpec": "2.3.5", + "saveSpec": "[Circular]", + "fetchSpec": "2.3.5" + }, + "_requiredBy": [ + "/bundle-dependencies/read-pkg" + ], + "_resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.3.5.tgz", + "_shasum": "8d924f142960e1777e7ffe170543631cc7cb02df", + "_shrinkwrap": "[Circular]", + "_spec": "2.3.5", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Meryn Stol", + "email": "merynstol@gmail.com" + }, + "bugs": { + "url": "https://github.com/npm/normalize-package-data/issues" + }, + "contributors": [ + { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me" + }, + { + "name": "Meryn Stol", + "email": "merynstol@gmail.com" + }, + { + "name": "Robert Kowalski", + "email": "rok@kowalski.gd" + } + ], + "dependencies": { + "hosted-git-info": { + "_args": [ + [ + "hosted-git-info@^2.1.4", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/normalize-package-data" + ], + [ + "hosted-git-info@2.1.4", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "hosted-git-info@>=2.1.4 <3.0.0", + "_id": "hosted-git-info@2.1.4", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/hosted-git-info", + "_nodeVersion": "2.0.2", + "_npmUser": { + "email": "ogd@aoaioxxysz.net", + "name": "othiym23" + }, + "_npmVersion": "2.10.1", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "hosted-git-info@2.1.4", + "name": "hosted-git-info", + "escapedName": "hosted-git-info", + "rawSpec": "2.1.4", + "saveSpec": "[Circular]", + "fetchSpec": "2.1.4" + }, + "_requiredBy": [ + "/bundle-dependencies/normalize-package-data" + ], + "_resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.1.4.tgz", + "_shasum": "d9e953b26988be88096c46e926494d9604c300f8", + "_shrinkwrap": "[Circular]", + "_spec": "2.1.4", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Rebecca Turner", + "email": "me@re-becca.org", + "url": "http://re-becca.org" + }, + "bugs": { + "url": "https://github.com/npm/hosted-git-info/issues" + }, + "dependencies": {}, + "description": "Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab", + "devDependencies": { + "standard": "^3.3.2", + "tap": "^0.4.13" + }, + "directories": {}, + "dist": { + "shasum": "d9e953b26988be88096c46e926494d9604c300f8", + "tarball": "http://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.1.4.tgz" + }, + "gitHead": "9e1a36df8eb050a663713c79e56d89dadba2bd8d", + "homepage": "https://github.com/npm/hosted-git-info", + "keywords": [ + "git", + "github", + "bitbucket", + "gitlab" + ], + "license": "ISC", + "main": "index.js", + "maintainers": [ + { + "name": "iarna", + "email": "me@re-becca.org" + }, + { + "name": "othiym23", + "email": "ogd@aoaioxxysz.net" + } + ], + "name": "hosted-git-info", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/npm/hosted-git-info.git" + }, + "scripts": { + "test": "standard && tap test/*.js" + }, + "version": "2.1.4", + "readme": "# hosted-git-info\n\nThis will let you identify and transform various git hosts URLs between\nprotocols. It also can tell you what the URL is for the raw path for\nparticular file for direct access without git.\n\n## Usage\n\n```javascript\nvar hostedGitInfo = require(\"hosted-git-info\")\nvar info = hostedGitInfo.fromUrl(\"git@github.com:npm/hosted-git-info.git\")\n/* info looks like:\n{\n type: \"github\",\n domain: \"github.com\",\n user: \"npm\",\n project: \"hosted-git-info\"\n}\n*/\n```\n\nIf the URL can't be matched with a git host, `null` will be returned. We\ncan match git, ssh and https urls. Additionally, we can match ssh connect\nstrings (`git@github.com:npm/hosted-git-info`) and shortcuts (eg,\n`github:npm/hosted-git-info`). Github specifically, is detected in the case\nof a third, unprefixed, form: `npm/hosted-git-info`.\n\nIf it does match, the returned object has properties of:\n\n* info.type -- The short name of the service\n* info.domain -- The domain for git protocol use\n* info.user -- The name of the user/org on the git host\n* info.project -- The name of the project on the git host\n\nAnd methods of:\n\n* info.file(path)\n\nGiven the path of a file relative to the repository, returns a URL for\ndirectly fetching it from the githost. If no committish was set then\n`master` will be used as the default.\n\nFor example `hostedGitInfo.fromUrl(\"git@github.com:npm/hosted-git-info.git#v1.0.0\").file(\"package.json\")`\nwould return `https://raw.githubusercontent.com/npm/hosted-git-info/v1.0.0/package.json`\n\n* info.shortcut()\n\neg, `github:npm/hosted-git-info`\n\n* info.browse()\n\neg, `https://github.com/npm/hosted-git-info/tree/v1.2.0`\n\n* info.bugs()\n\neg, `https://github.com/npm/hosted-git-info/issues`\n\n* info.docs()\n\neg, `https://github.com/npm/hosted-git-info/tree/v1.2.0#readme`\n\n* info.https()\n\neg, `git+https://github.com/npm/hosted-git-info.git`\n\n* info.sshurl()\n\neg, `git+ssh://git@github.com/npm/hosted-git-info.git`\n\n* info.ssh()\n\neg, `git@github.com:npm/hosted-git-info.git`\n\n* info.path()\n\neg, `npm/hosted-git-info`\n\n* info.getDefaultRepresentation()\n\nReturns the default output type. The default output type is based on the\nstring you passed in to be parsed\n\n* info.toString()\n\nUses the getDefaultRepresentation to call one of the other methods to get a URL for\nthis resource. As such `hostedGitInfo.fromUrl(url).toString()` will give\nyou a normalized version of the URL that still uses the same protocol.\n\nShortcuts will still be returned as shortcuts, but the special case github\nform of `org/project` will be normalized to `github:org/project`.\n\nSSH connect strings will be normalized into `git+ssh` URLs.\n\n\n## Supported hosts\n\nCurrently this supports Github, Bitbucket and Gitlab. Pull requests for\nadditional hosts welcome.\n\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/hosted-git-info", + "error": "[Circular]", + "extraneous": false + }, + "is-builtin-module": { + "_args": [ + [ + "is-builtin-module@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/normalize-package-data" + ], + [ + "is-builtin-module@1.0.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "is-builtin-module@>=1.0.0 <2.0.0", + "_id": "is-builtin-module@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/is-builtin-module", + "_nodeVersion": "0.12.2", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.7.4", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "is-builtin-module@1.0.0", + "name": "is-builtin-module", + "escapedName": "is-builtin-module", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/normalize-package-data" + ], + "_resolved": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-1.0.0.tgz", + "_shasum": "540572d34f7ac3119f8f76c30cbc1b1e037affbe", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/is-builtin-module/issues" + }, + "dependencies": { + "builtin-modules": { + "_args": [ + [ + "builtin-modules@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/is-builtin-module" + ], + [ + "builtin-modules@1.1.1", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "builtin-modules@>=1.0.0 <2.0.0", + "_id": "builtin-modules@1.1.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/builtin-modules", + "_nodeVersion": "5.3.0", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "3.3.12", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "builtin-modules@1.1.1", + "name": "builtin-modules", + "escapedName": "builtin-modules", + "rawSpec": "1.1.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.1" + }, + "_requiredBy": [ + "/bundle-dependencies/is-builtin-module" + ], + "_resolved": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-1.1.1.tgz", + "_shasum": "270f076c5a72c02f5b65a47df94c5fe3a278892f", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.1", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/builtin-modules/issues" + }, + "dependencies": {}, + "description": "List of the Node.js builtin modules", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "270f076c5a72c02f5b65a47df94c5fe3a278892f", + "tarball": "http://registry.npmjs.org/builtin-modules/-/builtin-modules-1.1.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js", + "static.js", + "builtin-modules.json" + ], + "gitHead": "0ea253452b1d8cb3a70d16464f909dbc0bc370fe", + "homepage": "https://github.com/sindresorhus/builtin-modules#readme", + "keywords": [ + "builtin", + "built-in", + "builtins", + "node", + "modules", + "core", + "bundled", + "list", + "array", + "names" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "builtin-modules", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/builtin-modules.git" + }, + "scripts": { + "make": "node make.js", + "test": "xo && ava" + }, + "version": "1.1.1", + "readme": "# builtin-modules [![Build Status](https://travis-ci.org/sindresorhus/builtin-modules.svg?branch=master)](https://travis-ci.org/sindresorhus/builtin-modules)\n\n> List of the Node.js builtin modules\n\nThe list is just a [JSON file](builtin-modules.json) and can be used wherever.\n\n\n## Install\n\n```\n$ npm install --save builtin-modules\n```\n\n\n## Usage\n\n```js\nvar builtinModules = require('builtin-modules');\n\nconsole.log(builinModules);\n//=> ['assert', 'buffer', ...]\n```\n\n\n## API\n\nReturns an array of builtin modules fetched from the running Node.js version.\n\n### Static list\n\nThis module also comes bundled with a static array of builtin modules generated from the latest Node.js version. You can get it with `require('builtin-modules/static');`\n\n\n## Related\n\n- [is-builtin-module](https://github.com/sindresorhus/is-builtin-module) - Check if a string matches the name of a Node.js builtin module\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/builtin-modules", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Check if a string matches the name of a Node.js builtin module", + "devDependencies": { + "ava": "0.0.4" + }, + "directories": {}, + "dist": { + "shasum": "540572d34f7ac3119f8f76c30cbc1b1e037affbe", + "tarball": "http://registry.npmjs.org/is-builtin-module/-/is-builtin-module-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "da55ebf031f3864c5d309e25e49ed816957d70a2", + "homepage": "https://github.com/sindresorhus/is-builtin-module", + "keywords": [ + "builtin", + "built-in", + "builtins", + "node", + "modules", + "core", + "bundled", + "list", + "array", + "names", + "is", + "detect", + "check", + "match" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "is-builtin-module", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/is-builtin-module.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.0", + "readme": "# is-builtin-module [![Build Status](https://travis-ci.org/sindresorhus/is-builtin-module.svg?branch=master)](https://travis-ci.org/sindresorhus/is-builtin-module)\n\n> Check if a string matches the name of a Node.js builtin module\n\n\n## Install\n\n```\n$ npm install --save is-builtin-module\n```\n\n\n## Usage\n\n```js\nvar isBuiltinModule = require('is-builtin-module');\n\nisBuiltinModule('fs');\n//=> true\n\nisBuiltinModule('unicorn');\n//=> false :(\n```\n\n\n## Related\n\n- [builtin-modules](https://github.com/sindresorhus/builtin-modules) - List of the Node.js builtin modules\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "builtin-modules": "^1.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-builtin-module", + "error": "[Circular]", + "extraneous": false + }, + "semver": { + "_args": [ + [ + "semver@2 || 3 || 4 || 5", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/normalize-package-data" + ], + [ + "semver@5.1.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "semver@>=2.0.0 <3.0.0||>=3.0.0 <4.0.0||>=4.0.0 <5.0.0||>=5.0.0 <6.0.0", + "_id": "semver@5.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/semver", + "_nodeVersion": "4.0.0", + "_npmUser": { + "email": "i@izs.me", + "name": "isaacs" + }, + "_npmVersion": "3.3.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "semver@5.1.0", + "name": "semver", + "escapedName": "semver", + "rawSpec": "5.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "5.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/normalize-package-data" + ], + "_resolved": "https://registry.npmjs.org/semver/-/semver-5.1.0.tgz", + "_shasum": "85f2cf8550465c4df000cf7d86f6b054106ab9e5", + "_shrinkwrap": "[Circular]", + "_spec": "5.1.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "bin": { + "semver": "bin/semver" + }, + "bugs": { + "url": "https://github.com/npm/node-semver/issues" + }, + "dependencies": {}, + "description": "The semantic version parser used by npm.", + "devDependencies": { + "tap": "^2.0.0" + }, + "directories": {}, + "dist": { + "shasum": "85f2cf8550465c4df000cf7d86f6b054106ab9e5", + "tarball": "http://registry.npmjs.org/semver/-/semver-5.1.0.tgz" + }, + "gitHead": "8e33a30e62e40e4983d1c5f55e794331b861aadc", + "homepage": "https://github.com/npm/node-semver#readme", + "license": "ISC", + "main": "semver.js", + "maintainers": [ + { + "name": "isaacs", + "email": "isaacs@npmjs.com" + }, + { + "name": "othiym23", + "email": "ogd@aoaioxxysz.net" + } + ], + "name": "semver", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/npm/node-semver.git" + }, + "scripts": { + "test": "tap test/*.js" + }, + "version": "5.1.0", + "readme": "semver(1) -- The semantic versioner for npm\n===========================================\n\n## Usage\n\n $ npm install semver\n\n semver.valid('1.2.3') // '1.2.3'\n semver.valid('a.b.c') // null\n semver.clean(' =v1.2.3 ') // '1.2.3'\n semver.satisfies('1.2.3', '1.x || >=2.5.0 || 5.0.0 - 7.2.3') // true\n semver.gt('1.2.3', '9.8.7') // false\n semver.lt('1.2.3', '9.8.7') // true\n\nAs a command-line utility:\n\n $ semver -h\n\n Usage: semver [ [...]] [-r | -i | --preid | -l | -rv]\n Test if version(s) satisfy the supplied range(s), and sort them.\n\n Multiple versions or ranges may be supplied, unless increment\n option is specified. In that case, only a single version may\n be used, and it is incremented by the specified level\n\n Program exits successfully if any valid version satisfies\n all supplied ranges, and prints all satisfying versions.\n\n If no versions are valid, or ranges are not satisfied,\n then exits failure.\n\n Versions are printed in ascending order, so supplying\n multiple versions to the utility will just sort them.\n\n## Versions\n\nA \"version\" is described by the `v2.0.0` specification found at\n.\n\nA leading `\"=\"` or `\"v\"` character is stripped off and ignored.\n\n## Ranges\n\nA `version range` is a set of `comparators` which specify versions\nthat satisfy the range.\n\nA `comparator` is composed of an `operator` and a `version`. The set\nof primitive `operators` is:\n\n* `<` Less than\n* `<=` Less than or equal to\n* `>` Greater than\n* `>=` Greater than or equal to\n* `=` Equal. If no operator is specified, then equality is assumed,\n so this operator is optional, but MAY be included.\n\nFor example, the comparator `>=1.2.7` would match the versions\n`1.2.7`, `1.2.8`, `2.5.3`, and `1.3.9`, but not the versions `1.2.6`\nor `1.1.0`.\n\nComparators can be joined by whitespace to form a `comparator set`,\nwhich is satisfied by the **intersection** of all of the comparators\nit includes.\n\nA range is composed of one or more comparator sets, joined by `||`. A\nversion matches a range if and only if every comparator in at least\none of the `||`-separated comparator sets is satisfied by the version.\n\nFor example, the range `>=1.2.7 <1.3.0` would match the versions\n`1.2.7`, `1.2.8`, and `1.2.99`, but not the versions `1.2.6`, `1.3.0`,\nor `1.1.0`.\n\nThe range `1.2.7 || >=1.2.9 <2.0.0` would match the versions `1.2.7`,\n`1.2.9`, and `1.4.6`, but not the versions `1.2.8` or `2.0.0`.\n\n### Prerelease Tags\n\nIf a version has a prerelease tag (for example, `1.2.3-alpha.3`) then\nit will only be allowed to satisfy comparator sets if at least one\ncomparator with the same `[major, minor, patch]` tuple also has a\nprerelease tag.\n\nFor example, the range `>1.2.3-alpha.3` would be allowed to match the\nversion `1.2.3-alpha.7`, but it would *not* be satisfied by\n`3.4.5-alpha.9`, even though `3.4.5-alpha.9` is technically \"greater\nthan\" `1.2.3-alpha.3` according to the SemVer sort rules. The version\nrange only accepts prerelease tags on the `1.2.3` version. The\nversion `3.4.5` *would* satisfy the range, because it does not have a\nprerelease flag, and `3.4.5` is greater than `1.2.3-alpha.7`.\n\nThe purpose for this behavior is twofold. First, prerelease versions\nfrequently are updated very quickly, and contain many breaking changes\nthat are (by the author's design) not yet fit for public consumption.\nTherefore, by default, they are excluded from range matching\nsemantics.\n\nSecond, a user who has opted into using a prerelease version has\nclearly indicated the intent to use *that specific* set of\nalpha/beta/rc versions. By including a prerelease tag in the range,\nthe user is indicating that they are aware of the risk. However, it\nis still not appropriate to assume that they have opted into taking a\nsimilar risk on the *next* set of prerelease versions.\n\n#### Prerelease Identifiers\n\nThe method `.inc` takes an additional `identifier` string argument that\nwill append the value of the string as a prerelease identifier:\n\n```javascript\n> semver.inc('1.2.3', 'prerelease', 'beta')\n'1.2.4-beta.0'\n```\n\ncommand-line example:\n\n```shell\n$ semver 1.2.3 -i prerelease --preid beta\n1.2.4-beta.0\n```\n\nWhich then can be used to increment further:\n\n```shell\n$ semver 1.2.4-beta.0 -i prerelease\n1.2.4-beta.1\n```\n\n### Advanced Range Syntax\n\nAdvanced range syntax desugars to primitive comparators in\ndeterministic ways.\n\nAdvanced ranges may be combined in the same way as primitive\ncomparators using white space or `||`.\n\n#### Hyphen Ranges `X.Y.Z - A.B.C`\n\nSpecifies an inclusive set.\n\n* `1.2.3 - 2.3.4` := `>=1.2.3 <=2.3.4`\n\nIf a partial version is provided as the first version in the inclusive\nrange, then the missing pieces are replaced with zeroes.\n\n* `1.2 - 2.3.4` := `>=1.2.0 <=2.3.4`\n\nIf a partial version is provided as the second version in the\ninclusive range, then all versions that start with the supplied parts\nof the tuple are accepted, but nothing that would be greater than the\nprovided tuple parts.\n\n* `1.2.3 - 2.3` := `>=1.2.3 <2.4.0`\n* `1.2.3 - 2` := `>=1.2.3 <3.0.0`\n\n#### X-Ranges `1.2.x` `1.X` `1.2.*` `*`\n\nAny of `X`, `x`, or `*` may be used to \"stand in\" for one of the\nnumeric values in the `[major, minor, patch]` tuple.\n\n* `*` := `>=0.0.0` (Any version satisfies)\n* `1.x` := `>=1.0.0 <2.0.0` (Matching major version)\n* `1.2.x` := `>=1.2.0 <1.3.0` (Matching major and minor versions)\n\nA partial version range is treated as an X-Range, so the special\ncharacter is in fact optional.\n\n* `\"\"` (empty string) := `*` := `>=0.0.0`\n* `1` := `1.x.x` := `>=1.0.0 <2.0.0`\n* `1.2` := `1.2.x` := `>=1.2.0 <1.3.0`\n\n#### Tilde Ranges `~1.2.3` `~1.2` `~1`\n\nAllows patch-level changes if a minor version is specified on the\ncomparator. Allows minor-level changes if not.\n\n* `~1.2.3` := `>=1.2.3 <1.(2+1).0` := `>=1.2.3 <1.3.0`\n* `~1.2` := `>=1.2.0 <1.(2+1).0` := `>=1.2.0 <1.3.0` (Same as `1.2.x`)\n* `~1` := `>=1.0.0 <(1+1).0.0` := `>=1.0.0 <2.0.0` (Same as `1.x`)\n* `~0.2.3` := `>=0.2.3 <0.(2+1).0` := `>=0.2.3 <0.3.0`\n* `~0.2` := `>=0.2.0 <0.(2+1).0` := `>=0.2.0 <0.3.0` (Same as `0.2.x`)\n* `~0` := `>=0.0.0 <(0+1).0.0` := `>=0.0.0 <1.0.0` (Same as `0.x`)\n* `~1.2.3-beta.2` := `>=1.2.3-beta.2 <1.3.0` Note that prereleases in\n the `1.2.3` version will be allowed, if they are greater than or\n equal to `beta.2`. So, `1.2.3-beta.4` would be allowed, but\n `1.2.4-beta.2` would not, because it is a prerelease of a\n different `[major, minor, patch]` tuple.\n\n#### Caret Ranges `^1.2.3` `^0.2.5` `^0.0.4`\n\nAllows changes that do not modify the left-most non-zero digit in the\n`[major, minor, patch]` tuple. In other words, this allows patch and\nminor updates for versions `1.0.0` and above, patch updates for\nversions `0.X >=0.1.0`, and *no* updates for versions `0.0.X`.\n\nMany authors treat a `0.x` version as if the `x` were the major\n\"breaking-change\" indicator.\n\nCaret ranges are ideal when an author may make breaking changes\nbetween `0.2.4` and `0.3.0` releases, which is a common practice.\nHowever, it presumes that there will *not* be breaking changes between\n`0.2.4` and `0.2.5`. It allows for changes that are presumed to be\nadditive (but non-breaking), according to commonly observed practices.\n\n* `^1.2.3` := `>=1.2.3 <2.0.0`\n* `^0.2.3` := `>=0.2.3 <0.3.0`\n* `^0.0.3` := `>=0.0.3 <0.0.4`\n* `^1.2.3-beta.2` := `>=1.2.3-beta.2 <2.0.0` Note that prereleases in\n the `1.2.3` version will be allowed, if they are greater than or\n equal to `beta.2`. So, `1.2.3-beta.4` would be allowed, but\n `1.2.4-beta.2` would not, because it is a prerelease of a\n different `[major, minor, patch]` tuple.\n* `^0.0.3-beta` := `>=0.0.3-beta <0.0.4` Note that prereleases in the\n `0.0.3` version *only* will be allowed, if they are greater than or\n equal to `beta`. So, `0.0.3-pr.2` would be allowed.\n\nWhen parsing caret ranges, a missing `patch` value desugars to the\nnumber `0`, but will allow flexibility within that value, even if the\nmajor and minor versions are both `0`.\n\n* `^1.2.x` := `>=1.2.0 <2.0.0`\n* `^0.0.x` := `>=0.0.0 <0.1.0`\n* `^0.0` := `>=0.0.0 <0.1.0`\n\nA missing `minor` and `patch` values will desugar to zero, but also\nallow flexibility within those values, even if the major version is\nzero.\n\n* `^1.x` := `>=1.0.0 <2.0.0`\n* `^0.x` := `>=0.0.0 <1.0.0`\n\n### Range Grammar\n\nPutting all this together, here is a Backus-Naur grammar for ranges,\nfor the benefit of parser authors:\n\n```bnf\nrange-set ::= range ( logical-or range ) *\nlogical-or ::= ( ' ' ) * '||' ( ' ' ) *\nrange ::= hyphen | simple ( ' ' simple ) * | ''\nhyphen ::= partial ' - ' partial\nsimple ::= primitive | partial | tilde | caret\nprimitive ::= ( '<' | '>' | '>=' | '<=' | '=' | ) partial\npartial ::= xr ( '.' xr ( '.' xr qualifier ? )? )?\nxr ::= 'x' | 'X' | '*' | nr\nnr ::= '0' | ['1'-'9']['0'-'9']+\ntilde ::= '~' partial\ncaret ::= '^' partial\nqualifier ::= ( '-' pre )? ( '+' build )?\npre ::= parts\nbuild ::= parts\nparts ::= part ( '.' part ) *\npart ::= nr | [-0-9A-Za-z]+\n```\n\n## Functions\n\nAll methods and classes take a final `loose` boolean argument that, if\ntrue, will be more forgiving about not-quite-valid semver strings.\nThe resulting output will always be 100% strict, of course.\n\nStrict-mode Comparators and Ranges will be strict about the SemVer\nstrings that they parse.\n\n* `valid(v)`: Return the parsed version, or null if it's not valid.\n* `inc(v, release)`: Return the version incremented by the release\n type (`major`, `premajor`, `minor`, `preminor`, `patch`,\n `prepatch`, or `prerelease`), or null if it's not valid\n * `premajor` in one call will bump the version up to the next major\n version and down to a prerelease of that major version.\n `preminor`, and `prepatch` work the same way.\n * If called from a non-prerelease version, the `prerelease` will work the\n same as `prepatch`. It increments the patch version, then makes a\n prerelease. If the input version is already a prerelease it simply\n increments it.\n* `major(v)`: Return the major version number.\n* `minor(v)`: Return the minor version number.\n* `patch(v)`: Return the patch version number.\n\n### Comparison\n\n* `gt(v1, v2)`: `v1 > v2`\n* `gte(v1, v2)`: `v1 >= v2`\n* `lt(v1, v2)`: `v1 < v2`\n* `lte(v1, v2)`: `v1 <= v2`\n* `eq(v1, v2)`: `v1 == v2` This is true if they're logically equivalent,\n even if they're not the exact same string. You already know how to\n compare strings.\n* `neq(v1, v2)`: `v1 != v2` The opposite of `eq`.\n* `cmp(v1, comparator, v2)`: Pass in a comparison string, and it'll call\n the corresponding function above. `\"===\"` and `\"!==\"` do simple\n string comparison, but are included for completeness. Throws if an\n invalid comparison string is provided.\n* `compare(v1, v2)`: Return `0` if `v1 == v2`, or `1` if `v1` is greater, or `-1` if\n `v2` is greater. Sorts in ascending order if passed to `Array.sort()`.\n* `rcompare(v1, v2)`: The reverse of compare. Sorts an array of versions\n in descending order when passed to `Array.sort()`.\n* `diff(v1, v2)`: Returns difference between two versions by the release type\n (`major`, `premajor`, `minor`, `preminor`, `patch`, `prepatch`, or `prerelease`),\n or null if the versions are the same.\n\n\n### Ranges\n\n* `validRange(range)`: Return the valid range or null if it's not valid\n* `satisfies(version, range)`: Return true if the version satisfies the\n range.\n* `maxSatisfying(versions, range)`: Return the highest version in the list\n that satisfies the range, or `null` if none of them do.\n* `gtr(version, range)`: Return `true` if version is greater than all the\n versions possible in the range.\n* `ltr(version, range)`: Return `true` if version is less than all the\n versions possible in the range.\n* `outside(version, range, hilo)`: Return true if the version is outside\n the bounds of the range in either the high or low direction. The\n `hilo` argument must be either the string `'>'` or `'<'`. (This is\n the function called by `gtr` and `ltr`.)\n\nNote that, since ranges may be non-contiguous, a version might not be\ngreater than a range, less than a range, *or* satisfy a range! For\nexample, the range `1.2 <1.2.9 || >2.0.0` would have a hole from `1.2.9`\nuntil `2.0.0`, so the version `1.2.10` would not be greater than the\nrange (because `2.0.1` satisfies, which is higher), nor less than the\nrange (since `1.2.8` satisfies, which is lower), and it also does not\nsatisfy the range.\n\nIf you want to know if a version satisfies or does not satisfy a\nrange, use the `satisfies(version, range)` function.\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/semver", + "error": "[Circular]", + "extraneous": false + }, + "validate-npm-package-license": { + "_args": [ + [ + "validate-npm-package-license@^3.0.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/normalize-package-data" + ], + [ + "validate-npm-package-license@3.0.1", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "validate-npm-package-license@>=3.0.1 <4.0.0", + "_id": "validate-npm-package-license@3.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/validate-npm-package-license", + "_nodeVersion": "0.12.7", + "_npmUser": { + "email": "kyle@kemitchell.com", + "name": "kemitchell" + }, + "_npmVersion": "2.13.5", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "validate-npm-package-license@3.0.1", + "name": "validate-npm-package-license", + "escapedName": "validate-npm-package-license", + "rawSpec": "3.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "3.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/normalize-package-data" + ], + "_resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz", + "_shasum": "2804babe712ad3379459acfbe24746ab2c303fbc", + "_shrinkwrap": "[Circular]", + "_spec": "3.0.1", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Kyle E. Mitchell", + "email": "kyle@kemitchell.com", + "url": "https://kemitchell.com" + }, + "bugs": { + "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues" + }, + "dependencies": { + "spdx-correct": { + "_args": [ + [ + "spdx-correct@~1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/validate-npm-package-license" + ], + [ + "spdx-correct@1.0.2", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "spdx-correct@>=1.0.0 <1.1.0", + "_id": "spdx-correct@1.0.2", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/spdx-correct", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "kyle@kemitchell.com", + "name": "kemitchell" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "spdx-correct@1.0.2", + "name": "spdx-correct", + "escapedName": "spdx-correct", + "rawSpec": "1.0.2", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.2" + }, + "_requiredBy": [ + "/bundle-dependencies/validate-npm-package-license" + ], + "_resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-1.0.2.tgz", + "_shasum": "4b3073d933ff51f3912f03ac5519498a4150db40", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.2", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Kyle E. Mitchell", + "email": "kyle@kemitchell.com", + "url": "https://kemitchell.com" + }, + "bugs": { + "url": "https://github.com/kemitchell/spdx-correct.js/issues" + }, + "dependencies": { + "spdx-license-ids": { + "_args": [ + [ + "spdx-license-ids@^1.0.2", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/spdx-correct" + ], + [ + "spdx-license-ids@1.2.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "spdx-license-ids@>=1.0.2 <2.0.0", + "_id": "spdx-license-ids@1.2.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/spdx-license-ids", + "_nodeVersion": "5.4.0", + "_npmUser": { + "email": "snnskwtnb@gmail.com", + "name": "shinnn" + }, + "_npmVersion": "3.5.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "spdx-license-ids@1.2.0", + "name": "spdx-license-ids", + "escapedName": "spdx-license-ids", + "rawSpec": "1.2.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.2.0" + }, + "_requiredBy": [ + "/bundle-dependencies/spdx-correct", + "/bundle-dependencies/spdx-expression-parse" + ], + "_resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-1.2.0.tgz", + "_shasum": "b549dd0f63dcb745a17e2ea3a07402e0e332d1e2", + "_shrinkwrap": "[Circular]", + "_spec": "1.2.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Shinnosuke Watanabe", + "url": "https://github.com/shinnn" + }, + "bugs": { + "url": "https://github.com/shinnn/spdx-license-ids/issues" + }, + "dependencies": {}, + "description": "A list of SPDX license identifiers", + "devDependencies": { + "@shinnn/eslintrc": "^1.0.0", + "each-async": "^1.1.1", + "eslint": "^0.24.0", + "got": "^3.3.0", + "istanbul": "^0.3.17", + "require-bower-files": "^2.0.0", + "rimraf": "^2.4.1", + "stringify-object": "^2.2.0", + "tape": "^4.0.0" + }, + "directories": {}, + "dist": { + "shasum": "b549dd0f63dcb745a17e2ea3a07402e0e332d1e2", + "tarball": "http://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-1.2.0.tgz" + }, + "files": [ + "spdx-license-ids.json" + ], + "gitHead": "f74a7a16ca05540e0e97f1bbb61da07829b5d9ab", + "homepage": "https://github.com/shinnn/spdx-license-ids#readme", + "keywords": [ + "spdx", + "license", + "licenses", + "id", + "identifier", + "identifiers", + "json", + "array", + "oss", + "browser", + "client-side" + ], + "license": "Unlicense", + "main": "spdx-license-ids.json", + "maintainers": [ + { + "name": "shinnn", + "email": "snnskwtnb@gmail.com" + } + ], + "name": "spdx-license-ids", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/shinnn/spdx-license-ids.git" + }, + "scripts": { + "build": "node --harmony_arrow_functions build.js", + "coverage": "node --harmony_arrow_functions node_modules/.bin/istanbul cover test.js", + "coveralls": "${npm_package_scripts_coverage} && istanbul-coveralls", + "lint": "eslint --config node_modules/@shinnn/eslintrc/rc.json --ignore-path .gitignore .", + "pretest": "${npm_package_scripts_build} && ${npm_package_scripts_lint}", + "test": "node --harmony_arrow_functions test.js" + }, + "version": "1.2.0", + "readme": "# spdx-license-ids\n\nA list of [SPDX license](https://spdx.org/licenses/) identifiers\n\n[**Download JSON**](https://raw.githubusercontent.com/shinnn/spdx-license-ids/master/spdx-license-ids.json)\n\n## Use as a JavaScript Library\n\n[![NPM version](https://img.shields.io/npm/v/spdx-license-ids.svg)](https://www.npmjs.org/package/spdx-license-ids)\n[![Bower version](https://img.shields.io/bower/v/spdx-license-ids.svg)](https://github.com/shinnn/spdx-license-ids/releases)\n[![Build Status](https://travis-ci.org/shinnn/spdx-license-ids.svg?branch=master)](https://travis-ci.org/shinnn/spdx-license-ids)\n[![Coverage Status](https://img.shields.io/coveralls/shinnn/spdx-license-ids.svg)](https://coveralls.io/r/shinnn/spdx-license-ids)\n[![devDependency Status](https://david-dm.org/shinnn/spdx-license-ids/dev-status.svg)](https://david-dm.org/shinnn/spdx-license-ids#info=devDependencies)\n\n### Installation\n\n#### Package managers\n\n##### [npm](https://www.npmjs.com/)\n\n```sh\nnpm install spdx-license-ids\n```\n\n##### [bower](http://bower.io/)\n\n```sh\nbower install spdx-license-ids\n```\n\n##### [Duo](http://duojs.org/)\n\n```javascript\nconst spdxLicenseIds = require('shinnn/spdx-license-ids');\n```\n\n#### Standalone\n\n[Download the script file directly.](https://raw.githubusercontent.com/shinnn/spdx-license-ids/master/spdx-license-ids-browser.js)\n\n### API\n\n#### spdxLicenseIds\n\nType: `Array` of `String`\n\nIt returns an array of SPDX license identifiers.\n\n```javascript\nconst spdxLicenseIds = require('spdx-license-ids'); //=> ['Glide', 'Abstyles', 'AFL-1.1', ... ]\n```\n\n## License\n\n[The Unlicense](./LICENSE).\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "correct invalid SPDX identifiers", + "devDependencies": { + "defence-cli": "^1.0.1", + "replace-require-self": "^1.0.0", + "spdx-expression-parse": "^1.0.0", + "tape": "~4.0.0" + }, + "directories": {}, + "dist": { + "shasum": "4b3073d933ff51f3912f03ac5519498a4150db40", + "tarball": "http://registry.npmjs.org/spdx-correct/-/spdx-correct-1.0.2.tgz" + }, + "gitHead": "8430a3ad521e1455208db33faafcb79c7b074236", + "homepage": "https://github.com/kemitchell/spdx-correct.js#readme", + "keywords": [ + "SPDX", + "law", + "legal", + "license", + "metadata" + ], + "license": "Apache-2.0", + "maintainers": [ + { + "name": "kemitchell", + "email": "kyle@kemitchell.com" + }, + { + "name": "othiym23", + "email": "ogd@aoaioxxysz.net" + } + ], + "name": "spdx-correct", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/kemitchell/spdx-correct.js.git" + }, + "scripts": { + "test": "defence README.md | replace-require-self | node && tape *.test.js" + }, + "version": "1.0.2", + "readme": "```javascript\nvar correct = require('spdx-correct');\nvar assert = require('assert');\n\nassert.equal(correct('mit'), 'MIT')\n\nassert.equal(correct('Apache 2'), 'Apache-2.0')\n\nassert(correct('No idea what license') === null)\n```\n", + "readmeFilename": "README.md", + "_dependencies": { + "spdx-license-ids": "^1.0.2" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-correct", + "error": "[Circular]", + "extraneous": false + }, + "spdx-expression-parse": { + "_args": [ + [ + "spdx-expression-parse@~1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/validate-npm-package-license" + ], + [ + "spdx-expression-parse@1.0.2", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "spdx-expression-parse@>=1.0.0 <1.1.0", + "_id": "spdx-expression-parse@1.0.2", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/spdx-expression-parse", + "_nodeVersion": "5.0.0", + "_npmUser": { + "email": "kyle@kemitchell.com", + "name": "kemitchell" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "spdx-expression-parse@1.0.2", + "name": "spdx-expression-parse", + "escapedName": "spdx-expression-parse", + "rawSpec": "1.0.2", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.2" + }, + "_requiredBy": [ + "/bundle-dependencies/validate-npm-package-license" + ], + "_resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-1.0.2.tgz", + "_shasum": "d52b14b5e9670771440af225bcb563122ac452f6", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.2", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Kyle E. Mitchell", + "email": "kyle@kemitchell.com", + "url": "http://kemitchell.com" + }, + "bugs": { + "url": "https://github.com/kemitchell/spdx-expression-parse.js/issues" + }, + "dependencies": { + "spdx-exceptions": { + "_args": [ + [ + "spdx-exceptions@^1.0.4", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/spdx-expression-parse" + ], + [ + "spdx-exceptions@1.0.4", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "spdx-exceptions@>=1.0.4 <2.0.0", + "_id": "spdx-exceptions@1.0.4", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/spdx-exceptions", + "_nodeVersion": "5.0.0", + "_npmUser": { + "email": "kyle@kemitchell.com", + "name": "kemitchell" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "spdx-exceptions@1.0.4", + "name": "spdx-exceptions", + "escapedName": "spdx-exceptions", + "rawSpec": "1.0.4", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.4" + }, + "_requiredBy": [ + "/bundle-dependencies/spdx-expression-parse" + ], + "_resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-1.0.4.tgz", + "_shasum": "220b84239119ae9045a892db81a83f4ce16f80fd", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.4", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "The Linux Foundation" + }, + "bugs": { + "url": "https://github.com/kemitchell/spdx-exceptions.json/issues" + }, + "contributors": [ + { + "name": "Kyle E. Mitchell", + "email": "kyle@kemitchell.com", + "url": "https://kemitchell.com/" + } + ], + "dependencies": {}, + "description": "list of SPDX standard license exceptions", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "220b84239119ae9045a892db81a83f4ce16f80fd", + "tarball": "http://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-1.0.4.tgz" + }, + "gitHead": "770316d6c946417ab6efa8533b82d0b61779092b", + "homepage": "https://github.com/kemitchell/spdx-exceptions.json#readme", + "license": "CC-BY-3.0", + "maintainers": [ + { + "name": "kemitchell", + "email": "kyle@kemitchell.com" + } + ], + "name": "spdx-exceptions", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/kemitchell/spdx-exceptions.json.git" + }, + "scripts": {}, + "version": "1.0.4", + "readme": "The package exports an array of strings.\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-exceptions", + "error": "[Circular]", + "extraneous": false + }, + "spdx-license-ids": { + "_args": "[Circular]", + "_from": "spdx-license-ids@>=1.0.2 <2.0.0", + "_id": "spdx-license-ids@1.2.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/spdx-license-ids", + "_nodeVersion": "5.4.0", + "_npmUser": "[Circular]", + "_npmVersion": "3.5.2", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "spdx-license-ids@1.2.0", + "name": "spdx-license-ids", + "escapedName": "spdx-license-ids", + "rawSpec": "1.2.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.2.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-1.2.0.tgz", + "_shasum": "b549dd0f63dcb745a17e2ea3a07402e0e332d1e2", + "_shrinkwrap": "[Circular]", + "_spec": "1.2.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "A list of SPDX license identifiers", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "files": "[Circular]", + "gitHead": "f74a7a16ca05540e0e97f1bbb61da07829b5d9ab", + "homepage": "https://github.com/shinnn/spdx-license-ids#readme", + "keywords": "[Circular]", + "license": "Unlicense", + "main": "spdx-license-ids.json", + "maintainers": "[Circular]", + "name": "spdx-license-ids", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.2.0", + "readme": "# spdx-license-ids\n\nA list of [SPDX license](https://spdx.org/licenses/) identifiers\n\n[**Download JSON**](https://raw.githubusercontent.com/shinnn/spdx-license-ids/master/spdx-license-ids.json)\n\n## Use as a JavaScript Library\n\n[![NPM version](https://img.shields.io/npm/v/spdx-license-ids.svg)](https://www.npmjs.org/package/spdx-license-ids)\n[![Bower version](https://img.shields.io/bower/v/spdx-license-ids.svg)](https://github.com/shinnn/spdx-license-ids/releases)\n[![Build Status](https://travis-ci.org/shinnn/spdx-license-ids.svg?branch=master)](https://travis-ci.org/shinnn/spdx-license-ids)\n[![Coverage Status](https://img.shields.io/coveralls/shinnn/spdx-license-ids.svg)](https://coveralls.io/r/shinnn/spdx-license-ids)\n[![devDependency Status](https://david-dm.org/shinnn/spdx-license-ids/dev-status.svg)](https://david-dm.org/shinnn/spdx-license-ids#info=devDependencies)\n\n### Installation\n\n#### Package managers\n\n##### [npm](https://www.npmjs.com/)\n\n```sh\nnpm install spdx-license-ids\n```\n\n##### [bower](http://bower.io/)\n\n```sh\nbower install spdx-license-ids\n```\n\n##### [Duo](http://duojs.org/)\n\n```javascript\nconst spdxLicenseIds = require('shinnn/spdx-license-ids');\n```\n\n#### Standalone\n\n[Download the script file directly.](https://raw.githubusercontent.com/shinnn/spdx-license-ids/master/spdx-license-ids-browser.js)\n\n### API\n\n#### spdxLicenseIds\n\nType: `Array` of `String`\n\nIt returns an array of SPDX license identifiers.\n\n```javascript\nconst spdxLicenseIds = require('spdx-license-ids'); //=> ['Glide', 'Abstyles', 'AFL-1.1', ... ]\n```\n\n## License\n\n[The Unlicense](./LICENSE).\n", + "readmeFilename": "README.md", + "_dependencies": "[Circular]", + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/spdx-license-ids" + } + }, + "description": "parse SPDX license expressions", + "devDependencies": { + "defence-cli": "^1.0.1", + "jison": "^0.4.15", + "replace-require-self": "^1.0.0", + "uglify-js": "^2.4.24" + }, + "directories": {}, + "dist": { + "shasum": "d52b14b5e9670771440af225bcb563122ac452f6", + "tarball": "http://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-1.0.2.tgz" + }, + "gitHead": "ffe2fa7272ebf640b18286fc561f17a844d4f06b", + "homepage": "https://github.com/kemitchell/spdx-expression-parse.js#readme", + "keywords": [ + "SPDX", + "law", + "legal", + "license", + "metadata", + "package", + "package.json", + "standards" + ], + "license": "(MIT AND CC-BY-3.0)", + "maintainers": [ + { + "name": "kemitchell", + "email": "kyle@kemitchell.com" + } + ], + "name": "spdx-expression-parse", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/kemitchell/spdx-expression-parse.js.git" + }, + "scripts": { + "prepublish": "node generate-parser.js | uglifyjs > parser.generated.js", + "pretest": "npm run prepublish", + "test": "defence -i javascript README.md | replace-require-self | node" + }, + "version": "1.0.2", + "readme": "```javascript\nvar parse = require('spdx-expression-parse')\nvar assert = require('assert')\n\nvar firstAST = {\n left: { license: 'LGPL-2.1' },\n conjunction: 'or',\n right: {\n left: { license: 'BSD-3-Clause' },\n conjunction: 'and',\n right: { license: 'MIT' } } }\n\nassert.deepEqual(\n parse('(LGPL-2.1 OR BSD-3-Clause AND MIT)'),\n firstAST)\n\nvar secondAST = {\n left: { license: 'MIT' },\n conjunction: 'and',\n right: {\n left: {\n\t license: 'LGPL-2.1',\n\t plus: true },\n conjunction: 'and',\n right: { license: 'BSD-3-Clause' } } }\n\nassert.deepEqual(\n parse('(MIT AND (LGPL-2.1+ AND BSD-3-Clause))'),\n secondAST)\n\n// We handle all the bare SPDX license and exception ids as well.\nrequire('spdx-license-ids').forEach(function(id) {\n assert.deepEqual(\n parse(id),\n { license: id })\n require('spdx-exceptions').forEach(function(e) {\n assert.deepEqual(\n parse(id + ' WITH ' + e),\n { license: id, exception: e }) }) })\n```\n\n---\n\n[The Software Package Data Exchange (SPDX) specification](http://spdx.org) is the work of the [Linux Foundation](http://www.linuxfoundation.org) and its contributors, and is licensed under the terms of [the Creative Commons Attribution License 3.0 Unported (SPDX: \"CC-BY-3.0\")](http://spdx.org/licenses/CC-BY-3.0). \"SPDX\" is a United States federally registered trademark of the Linux Foundation.\n", + "readmeFilename": "README.md", + "_dependencies": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-expression-parse", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Give me a string and I'll tell you if it's a valid npm package license string", + "devDependencies": { + "defence-cli": "^1.0.1", + "replace-require-self": "^1.0.0" + }, + "directories": {}, + "dist": { + "shasum": "2804babe712ad3379459acfbe24746ab2c303fbc", + "tarball": "http://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz" + }, + "gitHead": "00200d28f9960985f221bc1a8a71e4760daf39bf", + "homepage": "https://github.com/kemitchell/validate-npm-package-license.js#readme", + "keywords": [ + "license", + "npm", + "package", + "validation" + ], + "license": "Apache-2.0", + "maintainers": [ + { + "name": "kemitchell", + "email": "kyle@kemitchell.com" + }, + { + "name": "othiym23", + "email": "ogd@aoaioxxysz.net" + } + ], + "name": "validate-npm-package-license", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/kemitchell/validate-npm-package-license.js.git" + }, + "scripts": { + "test": "defence README.md | replace-require-self | node" + }, + "version": "3.0.1", + "readme": "validate-npm-package-license\n============================\n\nGive me a string and I'll tell you if it's a valid npm package license string.\n\n```javascript\nvar valid = require('validate-npm-package-license');\n```\n\nSPDX license identifiers are valid license strings:\n\n```javascript\n\nvar assert = require('assert');\nvar validSPDXExpression = {\n validForNewPackages: true,\n validForOldPackages: true,\n spdx: true\n};\n\nassert.deepEqual(valid('MIT'), validSPDXExpression);\nassert.deepEqual(valid('BSD-2-Clause'), validSPDXExpression);\nassert.deepEqual(valid('Apache-2.0'), validSPDXExpression);\nassert.deepEqual(valid('ISC'), validSPDXExpression);\n```\nThe function will return a warning and suggestion for nearly-correct license identifiers:\n\n```javascript\nassert.deepEqual(\n valid('Apache 2.0'),\n {\n validForOldPackages: false,\n validForNewPackages: false,\n warnings: [\n 'license should be ' +\n 'a valid SPDX license expression (without \"LicenseRef\"), ' +\n '\"UNLICENSED\", or ' +\n '\"SEE LICENSE IN \"',\n 'license is similar to the valid expression \"Apache-2.0\"'\n ]\n }\n);\n```\n\nSPDX expressions are valid, too ...\n\n```javascript\n// Simple SPDX license expression for dual licensing\nassert.deepEqual(\n valid('(GPL-3.0 OR BSD-2-Clause)'),\n validSPDXExpression\n);\n```\n\n... except if they contain `LicenseRef`:\n\n```javascript\nvar warningAboutLicenseRef = {\n validForOldPackages: false,\n validForNewPackages: false,\n spdx: true,\n warnings: [\n 'license should be ' +\n 'a valid SPDX license expression (without \"LicenseRef\"), ' +\n '\"UNLICENSED\", or ' +\n '\"SEE LICENSE IN \"',\n ]\n};\n\nassert.deepEqual(\n valid('LicenseRef-Made-Up'),\n warningAboutLicenseRef\n);\n\nassert.deepEqual(\n valid('(MIT OR LicenseRef-Made-Up)'),\n warningAboutLicenseRef\n);\n```\n\nIf you can't describe your licensing terms with standardized SPDX identifiers, put the terms in a file in the package and point users there:\n\n```javascript\nassert.deepEqual(\n valid('SEE LICENSE IN LICENSE.txt'),\n {\n validForNewPackages: true,\n validForOldPackages: true,\n inFile: 'LICENSE.txt'\n }\n);\n\nassert.deepEqual(\n valid('SEE LICENSE IN license.md'),\n {\n validForNewPackages: true,\n validForOldPackages: true,\n inFile: 'license.md'\n }\n);\n```\n\nIf there aren't any licensing terms, use `UNLICENSED`:\n\n```javascript\nvar unlicensed = {\n validForNewPackages: true,\n validForOldPackages: true,\n unlicensed: true\n};\nassert.deepEqual(valid('UNLICENSED'), unlicensed);\nassert.deepEqual(valid('UNLICENCED'), unlicensed);\n```\n", + "readmeFilename": "README.md", + "_dependencies": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/validate-npm-package-license", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Normalizes data that can be found in package.json files.", + "devDependencies": { + "async": "^1.5.0", + "tap": "^2.2.0", + "underscore": "^1.8.3" + }, + "directories": {}, + "dist": { + "shasum": "8d924f142960e1777e7ffe170543631cc7cb02df", + "tarball": "http://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.3.5.tgz" + }, + "gitHead": "3dc7756af20b3b1b24c6d75302448ca3659e0a65", + "homepage": "https://github.com/npm/normalize-package-data#readme", + "license": "BSD-2-Clause", + "main": "lib/normalize.js", + "maintainers": [ + { + "name": "iarna", + "email": "me@re-becca.org" + }, + { + "name": "isaacs", + "email": "isaacs@npmjs.com" + }, + { + "name": "meryn", + "email": "merynstol@gmail.com" + }, + { + "name": "othiym23", + "email": "ogd@aoaioxxysz.net" + }, + { + "name": "zkat", + "email": "kat@sykosomatic.org" + } + ], + "name": "normalize-package-data", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git://github.com/npm/normalize-package-data.git" + }, + "scripts": { + "test": "tap test/*.js" + }, + "version": "2.3.5", + "readme": "# normalize-package-data [![Build Status](https://travis-ci.org/npm/normalize-package-data.png?branch=master)](https://travis-ci.org/npm/normalize-package-data)\n\nnormalize-package data exports a function that normalizes package metadata. This data is typically found in a package.json file, but in principle could come from any source - for example the npm registry.\n\nnormalize-package-data is used by [read-package-json](https://npmjs.org/package/read-package-json) to normalize the data it reads from a package.json file. In turn, read-package-json is used by [npm](https://npmjs.org/package/npm) and various npm-related tools.\n\n## Installation\n\n```\nnpm install normalize-package-data\n```\n\n## Usage\n\nBasic usage is really simple. You call the function that normalize-package-data exports. Let's call it `normalizeData`.\n\n```javascript\nnormalizeData = require('normalize-package-data')\npackageData = fs.readFileSync(\"package.json\")\nnormalizeData(packageData)\n// packageData is now normalized\n```\n\n#### Strict mode\n\nYou may activate strict validation by passing true as the second argument.\n\n```javascript\nnormalizeData = require('normalize-package-data')\npackageData = fs.readFileSync(\"package.json\")\nwarnFn = function(msg) { console.error(msg) }\nnormalizeData(packageData, true)\n// packageData is now normalized\n```\n\nIf strict mode is activated, only Semver 2.0 version strings are accepted. Otherwise, Semver 1.0 strings are accepted as well. Packages must have a name, and the name field must not have contain leading or trailing whitespace.\n\n#### Warnings\n\nOptionally, you may pass a \"warning\" function. It gets called whenever the `normalizeData` function encounters something that doesn't look right. It indicates less than perfect input data.\n\n```javascript\nnormalizeData = require('normalize-package-data')\npackageData = fs.readFileSync(\"package.json\")\nwarnFn = function(msg) { console.error(msg) }\nnormalizeData(packageData, warnFn)\n// packageData is now normalized. Any number of warnings may have been logged.\n```\n\nYou may combine strict validation with warnings by passing `true` as the second argument, and `warnFn` as third.\n\nWhen `private` field is set to `true`, warnings will be suppressed.\n\n### Potential exceptions\n\nIf the supplied data has an invalid name or version vield, `normalizeData` will throw an error. Depending on where you call `normalizeData`, you may want to catch these errors so can pass them to a callback.\n\n## What normalization (currently) entails\n\n* The value of `name` field gets trimmed (unless in strict mode).\n* The value of the `version` field gets cleaned by `semver.clean`. See [documentation for the semver module](https://github.com/isaacs/node-semver).\n* If `name` and/or `version` fields are missing, they are set to empty strings.\n* If `files` field is not an array, it will be removed.\n* If `bin` field is a string, then `bin` field will become an object with `name` set to the value of the `name` field, and `bin` set to the original string value.\n* If `man` field is a string, it will become an array with the original string as its sole member.\n* If `keywords` field is string, it is considered to be a list of keywords separated by one or more white-space characters. It gets converted to an array by splitting on `\\s+`.\n* All people fields (`author`, `maintainers`, `contributors`) get converted into objects with name, email and url properties.\n* If `bundledDependencies` field (a typo) exists and `bundleDependencies` field does not, `bundledDependencies` will get renamed to `bundleDependencies`.\n* If the value of any of the dependencies fields (`dependencies`, `devDependencies`, `optionalDependencies`) is a string, it gets converted into an object with familiar `name=>value` pairs.\n* The values in `optionalDependencies` get added to `dependencies`. The `optionalDependencies` array is left untouched.\n* As of v2: Dependencies that point at known hosted git providers (currently: github, bitbucket, gitlab) will have their URLs canonicalized, but protocols will be preserved.\n* As of v2: Dependencies that use shortcuts for hosted git providers (`org/proj`, `github:org/proj`, `bitbucket:org/proj`, `gitlab:org/proj`, `gist:docid`) will have the shortcut left in place. (In the case of github, the `org/proj` form will be expanded to `github:org/proj`.) THIS MARKS A BREAKING CHANGE FROM V1, where the shorcut was previously expanded to a URL.\n* If `description` field does not exist, but `readme` field does, then (more or less) the first paragraph of text that's found in the readme is taken as value for `description`.\n* If `repository` field is a string, it will become an object with `url` set to the original string value, and `type` set to `\"git\"`.\n* If `repository.url` is not a valid url, but in the style of \"[owner-name]/[repo-name]\", `repository.url` will be set to git+https://github.com/[owner-name]/[repo-name].git\n* If `bugs` field is a string, the value of `bugs` field is changed into an object with `url` set to the original string value.\n* If `bugs` field does not exist, but `repository` field points to a repository hosted on GitHub, the value of the `bugs` field gets set to an url in the form of https://github.com/[owner-name]/[repo-name]/issues . If the repository field points to a GitHub Gist repo url, the associated http url is chosen.\n* If `bugs` field is an object, the resulting value only has email and url properties. If email and url properties are not strings, they are ignored. If no valid values for either email or url is found, bugs field will be removed.\n* If `homepage` field is not a string, it will be removed.\n* If the url in the `homepage` field does not specify a protocol, then http is assumed. For example, `myproject.org` will be changed to `http://myproject.org`.\n* If `homepage` field does not exist, but `repository` field points to a repository hosted on GitHub, the value of the `homepage` field gets set to an url in the form of https://github.com/[owner-name]/[repo-name]/ . If the repository field points to a GitHub Gist repo url, the associated http url is chosen.\n\n### Rules for name field\n\nIf `name` field is given, the value of the name field must be a string. The string may not:\n\n* start with a period.\n* contain the following characters: `/@\\s+%`\n* contain and characters that would need to be encoded for use in urls.\n* resemble the word `node_modules` or `favicon.ico` (case doesn't matter).\n\n### Rules for version field\n\nIf `version` field is given, the value of the version field must be a valid *semver* string, as determined by the `semver.valid` method. See [documentation for the semver module](https://github.com/isaacs/node-semver).\n\n### Rules for license field\n\nThe `license` field should be a valid *SPDX license expression* or one of the special values allowed by [validate-npm-package-license](https://npmjs.com/packages/validate-npm-package-license). See [documentation for the license field in package.json](https://docs.npmjs.com/files/package.json#license).\n\n## Credits\n\nThis package contains code based on read-package-json written by Isaac Z. Schlueter. Used with permisson.\n\n## License\n\nnormalize-package-data is released under the [BSD 2-Clause License](http://opensource.org/licenses/MIT). \nCopyright (c) 2013 Meryn Stol \n", + "readmeFilename": "README.md", + "_dependencies": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/normalize-package-data", + "error": "[Circular]", + "extraneous": false + }, + "path-type": { + "_args": [ + [ + "path-type@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/read-pkg" + ], + [ + "path-type@1.1.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "path-type@>=1.0.0 <2.0.0", + "_id": "path-type@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/path-type", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "path-type@1.1.0", + "name": "path-type", + "escapedName": "path-type", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/read-pkg" + ], + "_resolved": "https://registry.npmjs.org/path-type/-/path-type-1.1.0.tgz", + "_shasum": "59c44f7ee491da704da415da5a4070ba4f8fe441", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/path-type/issues" + }, + "dependencies": { + "graceful-fs": { + "_args": "[Circular]", + "_from": "graceful-fs@>=4.1.2 <5.0.0", + "_id": "graceful-fs@4.1.3", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/graceful-fs", + "_nodeVersion": "4.0.0", + "_npmOperationalInternal": "[Circular]", + "_npmUser": "[Circular]", + "_npmVersion": "3.7.0", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "graceful-fs@4.1.3", + "name": "graceful-fs", + "escapedName": "graceful-fs", + "rawSpec": "4.1.3", + "saveSpec": "[Circular]", + "fetchSpec": "4.1.3" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.3.tgz", + "_shasum": "92033ce11113c41e2628d61fdfa40bc10dc0155c", + "_shrinkwrap": "[Circular]", + "_spec": "4.1.3", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "bugs": "[Circular]", + "dependencies": {}, + "description": "A drop-in replacement for fs, making various improvements.", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "694c56f3aed4aee62d6df169be123d3984f61b85", + "homepage": "https://github.com/isaacs/node-graceful-fs#readme", + "keywords": "[Circular]", + "license": "ISC", + "main": "graceful-fs.js", + "maintainers": "[Circular]", + "name": "graceful-fs", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "4.1.3", + "readme": "# graceful-fs\n\ngraceful-fs functions as a drop-in replacement for the fs module,\nmaking various improvements.\n\nThe improvements are meant to normalize behavior across different\nplatforms and environments, and to make filesystem access more\nresilient to errors.\n\n## Improvements over [fs module](http://api.nodejs.org/fs.html)\n\ngraceful-fs:\n\n* Queues up `open` and `readdir` calls, and retries them once\n something closes if there is an EMFILE error from too many file\n descriptors.\n* fixes `lchmod` for Node versions prior to 0.6.2.\n* implements `fs.lutimes` if possible. Otherwise it becomes a noop.\n* ignores `EINVAL` and `EPERM` errors in `chown`, `fchown` or\n `lchown` if the user isn't root.\n* makes `lchmod` and `lchown` become noops, if not available.\n* retries reading a file if `read` results in EAGAIN error.\n\nOn Windows, it retries renaming a file for up to one second if `EACCESS`\nor `EPERM` error occurs, likely because antivirus software has locked\nthe directory.\n\n## USAGE\n\n```javascript\n// use just like fs\nvar fs = require('graceful-fs')\n\n// now go and do stuff with it...\nfs.readFileSync('some-file-or-whatever')\n```\n\n## Global Patching\n\nIf you want to patch the global fs module (or any other fs-like\nmodule) you can do this:\n\n```javascript\n// Make sure to read the caveat below.\nvar realFs = require('fs')\nvar gracefulFs = require('graceful-fs')\ngracefulFs.gracefulify(realFs)\n```\n\nThis should only ever be done at the top-level application layer, in\norder to delay on EMFILE errors from any fs-using dependencies. You\nshould **not** do this in a library, because it can cause unexpected\ndelays in other parts of the program.\n", + "readmeFilename": "README.md", + "_dependencies": "[Circular]", + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/graceful-fs" + }, + "pify": { + "_args": "[Circular]", + "_from": "pify@>=2.0.0 <3.0.0", + "_id": "pify@2.3.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pify", + "_nodeVersion": "4.2.1", + "_npmUser": "[Circular]", + "_npmVersion": "2.14.7", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "pify@2.3.0", + "name": "pify", + "escapedName": "pify", + "rawSpec": "2.3.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.3.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "_shasum": "ed141a6ac043a849ea588498e7dca8b15330e90c", + "_shrinkwrap": "[Circular]", + "_spec": "2.3.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Promisify a callback-style function", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "2dd0d8b880e4ebcc5cc33ae126b02647418e4440", + "homepage": "https://github.com/sindresorhus/pify", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "pify", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "2.3.0", + "readme": "# pify [![Build Status](https://travis-ci.org/sindresorhus/pify.svg?branch=master)](https://travis-ci.org/sindresorhus/pify)\n\n> Promisify a callback-style function\n\n\n## Install\n\n```\n$ npm install --save pify\n```\n\n\n## Usage\n\n```js\nconst fs = require('fs');\nconst pify = require('pify');\n\n// promisify a single function\n\npify(fs.readFile)('package.json', 'utf8').then(data => {\n\tconsole.log(JSON.parse(data).name);\n\t//=> 'pify'\n});\n\n// or promisify all methods in a module\n\npify(fs).readFile('package.json', 'utf8').then(data => {\n\tconsole.log(JSON.parse(data).name);\n\t//=> 'pify'\n});\n```\n\n\n## API\n\n### pify(input, [promiseModule], [options])\n\nReturns a promise wrapped version of the supplied function or module.\n\n#### input\n\nType: `function`, `object`\n\nCallback-style function or module whose methods you want to promisify.\n\n#### promiseModule\n\nType: `function`\n\nCustom promise module to use instead of the native one.\n\nCheck out [`pinkie-promise`](https://github.com/floatdrop/pinkie-promise) if you need a tiny promise polyfill.\n\n#### options\n\n##### multiArgs\n\nType: `boolean` \nDefault: `false`\n\nBy default, the promisified function will only return the second argument from the callback, which works fine for most APIs. This option can be useful for modules like `request` that return multiple arguments. Turning this on will make it return an array of all arguments from the callback, excluding the error argument, instead of just the second argument.\n\n```js\nconst request = require('request');\nconst pify = require('pify');\n\npify(request, {multiArgs: true})('https://sindresorhus.com').then(result => {\n\tconst [httpResponse, body] = result;\n});\n```\n\n##### include\n\nType: `array` of (`string`|`regex`)\n\nMethods in a module to promisify. Remaining methods will be left untouched.\n\n##### exclude\n\nType: `array` of (`string`|`regex`) \nDefault: `[/.+Sync$/]`\n\nMethods in a module **not** to promisify. Methods with names ending with `'Sync'` are excluded by default.\n\n##### excludeMain\n\nType: `boolean` \nDefault: `false`\n\nBy default, if given module is a function itself, this function will be promisified. Turn this option on if you want to promisify only methods of the module.\n\n```js\nconst pify = require('pify');\n\nfunction fn() {\n\treturn true;\n}\n\nfn.method = (data, callback) => {\n\tsetImmediate(() => {\n\t\tcallback(data, null);\n\t});\n};\n\n// promisify methods but not fn()\nconst promiseFn = pify(fn, {excludeMain: true});\n\nif (promiseFn()) {\n\tpromiseFn.method('hi').then(data => {\n\t\tconsole.log(data);\n\t});\n}\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/pify" + }, + "pinkie-promise": { + "_args": "[Circular]", + "_from": "pinkie-promise@>=2.0.0 <3.0.0", + "_id": "pinkie-promise@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pinkie-promise", + "_nodeVersion": "4.2.0", + "_npmUser": "[Circular]", + "_npmVersion": "2.14.7", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "pinkie-promise@2.0.0", + "name": "pinkie-promise", + "escapedName": "pinkie-promise", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "_shasum": "4c83538de1f6e660c29e0a13446844f7a7e88259", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "ES2015 Promise ponyfill", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "f90fcae9838bcae7ae1ae4ebc9b29f11e5db4980", + "homepage": "https://github.com/floatdrop/pinkie-promise", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "pinkie-promise", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "2.0.0", + "readme": "# pinkie-promise [![Build Status](https://travis-ci.org/floatdrop/pinkie-promise.svg?branch=master)](https://travis-ci.org/floatdrop/pinkie-promise)\n\n> [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) ponyfill\n\nModule exports global Promise object (if available) or [`pinkie`](http://github.com/floatdrop/pinkie) Promise polyfill.\n\n## Install\n\n```\n$ npm install --save pinkie-promise\n```\n\n## Usage\n\n```js\nvar Promise = require('pinkie-promise');\n\nnew Promise(function (resolve) { resolve('unicorns'); });\n//=> Promise { 'unicorns' }\n```\n\n## Related\n\n- [pify](https://github.com/sindresorhus/pify) - Promisify a callback-style function\n\n## License\n\nMIT © [Vsevolod Strukchinsky](http://github.com/floatdrop)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/pinkie-promise" + } + }, + "description": "Check if a path is a file, directory, or symlink", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "59c44f7ee491da704da415da5a4070ba4f8fe441", + "tarball": "http://registry.npmjs.org/path-type/-/path-type-1.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "dff5c2a62f89efe7e0cce600bf38e76196d8b4b2", + "homepage": "https://github.com/sindresorhus/path-type", + "keywords": [ + "path", + "fs", + "type", + "is", + "check", + "directory", + "dir", + "file", + "filepath", + "symlink", + "symbolic", + "link", + "stat", + "stats", + "filesystem" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "path-type", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/path-type.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.0", + "xo": { + "ignores": [ + "test.js" + ] + }, + "readme": "# path-type [![Build Status](https://travis-ci.org/sindresorhus/path-type.svg?branch=master)](https://travis-ci.org/sindresorhus/path-type)\n\n> Check if a path is a file, directory, or symlink\n\n\n## Install\n\n```\n$ npm install --save path-type\n```\n\n\n## Usage\n\n```js\nvar pathType = require('path-type');\n\npathType.file('package.json').then(function (isFile) {\n\tconsole.log(isFile);\n\t//=> true\n})\n```\n\n\n## API\n\n### .file(path)\n### .dir(path)\n### .symlink(path)\n\nReturns a promise that resolves to a boolean of whether the path is the checked type.\n\n### .fileSync(path)\n### .dirSync(path)\n### .symlinkSync(path)\n\nReturns a boolean of whether the path is the checked type.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-type", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Read a package.json file", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28", + "tarball": "http://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "9448d32b2ebcd65fc0547def3cfe5b28ef522e68", + "homepage": "https://github.com/sindresorhus/read-pkg", + "keywords": [ + "json", + "read", + "parse", + "file", + "fs", + "graceful", + "load", + "pkg", + "package", + "normalize" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "read-pkg", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/read-pkg.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.0", + "readme": "# read-pkg [![Build Status](https://travis-ci.org/sindresorhus/read-pkg.svg?branch=master)](https://travis-ci.org/sindresorhus/read-pkg)\n\n> Read a package.json file\n\n\n## Why\n\n- [Gracefully handles filesystem issues](https://github.com/isaacs/node-graceful-fs)\n- [Strips UTF-8 BOM](https://github.com/sindresorhus/strip-bom)\n- [Throws more helpful JSON errors](https://github.com/sindresorhus/parse-json)\n- [Normalizes the data](https://github.com/npm/normalize-package-data#what-normalization-currently-entails)\n\n\n## Install\n\n```\n$ npm install --save read-pkg\n```\n\n\n## Usage\n\n```js\nvar readPkg = require('read-pkg');\n\nreadPkg().then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n\nreadPkg(__dirname).then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n\nreadPkg(path.join('unicorn', 'package.json')).then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n```\n\n\n## API\n\n### readPkg([path], [options])\n\nReturns a promise that resolves to the parsed JSON.\n\n### readPkg.sync([path], [options])\n\nReturns the parsed JSON.\n\n#### path\n\nType: `string` \nDefault: `.`\n\nPath to a `package.json` file or its directory.\n\n#### options\n\n##### normalize\n\nType: `boolean` \nDefault: `true`\n\n[Normalize](https://github.com/npm/normalize-package-data#what-normalization-currently-entails) the package data.\n\n\n## Related\n\n- [read-pkg-up](https://github.com/sindresorhus/read-pkg-up) - Read the closest package.json file\n- [write-pkg](https://github.com/sindresorhus/write-pkg) - Write a `package.json` file\n- [load-json-file](https://github.com/sindresorhus/load-json-file) - Read and parse a JSON file\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "error": "[Circular]", + "extraneous": false + }, + "symbol": { + "_args": [ + [ + "symbol@^0.2.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/pkg-conf" + ], + [ + "symbol@0.2.1", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "symbol@>=0.2.1 <0.3.0", + "_id": "symbol@0.2.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/symbol", + "_npmUser": { + "email": "sean.monstar@gmail.com", + "name": "seanmonstar" + }, + "_npmVersion": "1.3.11", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "symbol@0.2.1", + "name": "symbol", + "escapedName": "symbol", + "rawSpec": "0.2.1", + "saveSpec": "[Circular]", + "fetchSpec": "0.2.1" + }, + "_requiredBy": [ + "/bundle-dependencies/pkg-conf" + ], + "_resolved": "https://registry.npmjs.org/symbol/-/symbol-0.2.1.tgz", + "_shasum": "c2124fb7b2e3eea30e4fa824341aa789b3534c95", + "_shrinkwrap": "[Circular]", + "_spec": "0.2.1", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sean McArthur", + "email": "sean.monstar@gmail.com", + "url": "http://seanmonstar.com" + }, + "bugs": { + "url": "https://github.com/seanmonstar/symbol/issues" + }, + "dependencies": {}, + "description": "ES6 Symbols in your ES5.", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "c2124fb7b2e3eea30e4fa824341aa789b3534c95", + "tarball": "http://registry.npmjs.org/symbol/-/symbol-0.2.1.tgz" + }, + "homepage": "https://github.com/seanmonstar/symbol#readme", + "keywords": [ + "symbols", + "es6", + "harmony" + ], + "license": "MPLv2.0", + "main": "index.js", + "maintainers": [ + { + "name": "seanmonstar", + "email": "sean.monstar@gmail.com" + } + ], + "name": "symbol", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git://github.com/seanmonstar/symbol.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "0.2.1", + "readme": "# Symbols\n\n[![NPM version](https://badge.fury.io/js/symbol.png)](http://badge.fury.io/js/symbol)\n\n[ES6 Symbols](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-symbol-objects), in your ES5.\n\nIf `Symbol` is already defined, it will be used. Otherwise, this implements as much of the `Symbol` spec as is possible with plain JavaScript.\n\n## Usage\n\n```js\nvar Symbol = require('symbol');\nvar key = Symbol();\n\nvar obj = {};\nobj[key] = 'foo';\nconsole.log(obj[key]); // 'foo'\nconsole.log(Object.keys(obj)); // []\n```\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/symbol", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Get namespaced config from the closest package.json", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "a3caee3fb9c23ab4abad3baaea02f0001c75f200", + "tarball": "http://registry.npmjs.org/pkg-conf/-/pkg-conf-1.1.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "fixture": { + "foo": true + }, + "gitHead": "9bb0bb78f4e6d8b6e14e8ef28b1cfba7305341f6", + "homepage": "https://github.com/sindresorhus/pkg-conf#readme", + "keywords": [ + "json", + "read", + "parse", + "file", + "fs", + "graceful", + "load", + "pkg", + "package", + "config", + "conf", + "configuration", + "object", + "namespace", + "namespaced" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "pkg-conf", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/pkg-conf.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.1", + "readme": "# pkg-conf [![Build Status](https://travis-ci.org/sindresorhus/pkg-conf.svg?branch=master)](https://travis-ci.org/sindresorhus/pkg-conf)\n\n> Get namespaced config from the closest package.json\n\nFor example, [XO](https://github.com/sindresorhus/xo) uses the `xo` namespace in package.json and [ESLint](http://eslint.org) uses `eslintConfig`.\n\n\n## Install\n\n```\n$ npm install --save pkg-conf\n```\n\n\n## Usage\n\n```json\n{\n\t\"name\": \"some-package\",\n\t\"version\": \"1.0.0\",\n\t\"unicorn\": {\n\t\t\"rainbow\": true\n\t}\n}\n```\n\n```js\nconst pkgConf = require('pkg-conf');\n\npkgConf('unicorn').then(config => {\n\tconsole.log(config.rainbow);\n\t//=> true\n});\n```\n\n\n## API\n\nIt [walks up](https://github.com/sindresorhus/find-up) parent directories until a `package.json` can be found, reads it, and returns the user specified namespace or an empty object if not found.\n\n### pkgConf(namespace, [options])\n\nReturns a promise that resolves to the config.\n\n### pkgConf.sync(namespace, [options])\n\nReturns the config.\n\n#### namespace\n\nType: `string`\n\nThe package.json namespace you want.\n\n#### options\n\n##### cwd\n\nType: `string`
\nDefault: `process.cwd()`\n\nDirectory to start looking up for a package.json file.\n\n##### defaults\n\nType: `object`
\n\nDefault config.\n\n### pkgConf.filepath(config)\n\nPass in the `config` returned from any of the above methods.\n\nReturns the filepath to the package.json file or `null`.\n\n\n## Related\n\n- [read-pkg-up](https://github.com/sindresorhus/read-pkg-up) - Read the closest package.json file\n- [read-pkg](https://github.com/sindresorhus/read-pkg) - Read a package.json file\n- [find-up](https://github.com/sindresorhus/find-up) - Find a file by walking up parent directories\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pkg-conf", + "error": "[Circular]", + "extraneous": false + }, + "read-pkg-up": { + "_args": [ + [ + "read-pkg-up@^1.0.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "read-pkg-up@1.0.1", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "read-pkg-up@>=1.0.1 <2.0.0", + "_id": "read-pkg-up@1.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/read-pkg-up", + "_nodeVersion": "0.12.7", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "read-pkg-up@1.0.1", + "name": "read-pkg-up", + "escapedName": "read-pkg-up", + "rawSpec": "1.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-1.0.1.tgz", + "_shasum": "9d63c13276c065918d57f002a57f40a1b643fb02", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.1", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/read-pkg-up/issues" + }, + "dependencies": { + "find-up": { + "_args": "[Circular]", + "_from": "find-up@>=1.0.0 <2.0.0", + "_id": "find-up@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/find-up", + "_nodeVersion": "4.2.1", + "_npmUser": "[Circular]", + "_npmVersion": "2.14.7", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "find-up@1.1.0", + "name": "find-up", + "escapedName": "find-up", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/find-up/-/find-up-1.1.0.tgz", + "_shasum": "a63b0eec4625a2902534898a5f9eec8aaed046e9", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Find a file by walking up parent directories", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "06e9dae73659ddf2421440ca4695161c38d7d2fb", + "homepage": "https://github.com/sindresorhus/find-up", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "find-up", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.1.0", + "readme": "# find-up [![Build Status](https://travis-ci.org/sindresorhus/find-up.svg?branch=master)](https://travis-ci.org/sindresorhus/find-up)\n\n> Find a file by walking up parent directories\n\n\n## Install\n\n```\n$ npm install --save find-up\n```\n\n\n## Usage\n\n```\n/\n└── Users\n └── sindresorhus\n ├── unicorn.png\n └── foo\n └── bar\n ├── baz\n └── example.js\n```\n\n```js\n// example.js\nvar findUp = require('find-up');\n\nfindUp('unicorn.png').then(function (filepath) {\n\tconsole.log(filepath);\n\t//=> '/Users/sindresorhus/unicorn.png'\n});\n```\n\n\n## API\n\n### findUp(filename, [options])\n\nReturns a promise that resolves to a filepath or `null`.\n\n### findUp.sync(filename, [options])\n\nReturns a filepath or `null`.\n\n#### filename\n\nType: `string`\n\nFilename of the file to find.\n\n#### options\n\n##### cwd\n\nType: `string` \nDefault: `process.cwd()`\n\nDirectory to start from.\n\n\n## Related\n\n- [find-up-cli](https://github.com/sindresorhus/find-up-cli) - CLI for this module\n- [pkg-up](https://github.com/sindresorhus/pkg-up) - Find the closest package.json file\n- [pkg-dir](https://github.com/sindresorhus/pkg-dir) - Find the root directory of a npm package\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/find-up" + }, + "read-pkg": { + "_args": "[Circular]", + "_from": "read-pkg@>=1.0.0 <2.0.0", + "_id": "read-pkg@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/read-pkg", + "_nodeVersion": "3.0.0", + "_npmUser": "[Circular]", + "_npmVersion": "2.13.3", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "read-pkg@1.1.0", + "name": "read-pkg", + "escapedName": "read-pkg", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz", + "_shasum": "f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Read a package.json file", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "9448d32b2ebcd65fc0547def3cfe5b28ef522e68", + "homepage": "https://github.com/sindresorhus/read-pkg", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "read-pkg", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.1.0", + "readme": "# read-pkg [![Build Status](https://travis-ci.org/sindresorhus/read-pkg.svg?branch=master)](https://travis-ci.org/sindresorhus/read-pkg)\n\n> Read a package.json file\n\n\n## Why\n\n- [Gracefully handles filesystem issues](https://github.com/isaacs/node-graceful-fs)\n- [Strips UTF-8 BOM](https://github.com/sindresorhus/strip-bom)\n- [Throws more helpful JSON errors](https://github.com/sindresorhus/parse-json)\n- [Normalizes the data](https://github.com/npm/normalize-package-data#what-normalization-currently-entails)\n\n\n## Install\n\n```\n$ npm install --save read-pkg\n```\n\n\n## Usage\n\n```js\nvar readPkg = require('read-pkg');\n\nreadPkg().then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n\nreadPkg(__dirname).then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n\nreadPkg(path.join('unicorn', 'package.json')).then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n```\n\n\n## API\n\n### readPkg([path], [options])\n\nReturns a promise that resolves to the parsed JSON.\n\n### readPkg.sync([path], [options])\n\nReturns the parsed JSON.\n\n#### path\n\nType: `string` \nDefault: `.`\n\nPath to a `package.json` file or its directory.\n\n#### options\n\n##### normalize\n\nType: `boolean` \nDefault: `true`\n\n[Normalize](https://github.com/npm/normalize-package-data#what-normalization-currently-entails) the package data.\n\n\n## Related\n\n- [read-pkg-up](https://github.com/sindresorhus/read-pkg-up) - Read the closest package.json file\n- [write-pkg](https://github.com/sindresorhus/write-pkg) - Write a `package.json` file\n- [load-json-file](https://github.com/sindresorhus/load-json-file) - Read and parse a JSON file\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/read-pkg" + } + }, + "description": "Read the closest package.json file", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "9d63c13276c065918d57f002a57f40a1b643fb02", + "tarball": "http://registry.npmjs.org/read-pkg-up/-/read-pkg-up-1.0.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "27ec7c844b495a39eea7859c5f4d4721ebf60e8e", + "homepage": "https://github.com/sindresorhus/read-pkg-up", + "keywords": [ + "json", + "read", + "parse", + "file", + "fs", + "graceful", + "load", + "pkg", + "package", + "find", + "up", + "find-up", + "findup", + "look-up", + "look", + "file", + "search", + "match", + "package", + "resolve", + "parent", + "parents", + "folder", + "directory", + "dir", + "walk", + "walking", + "path" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "read-pkg-up", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/read-pkg-up.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.0.1", + "readme": "# read-pkg-up [![Build Status](https://travis-ci.org/sindresorhus/read-pkg-up.svg?branch=master)](https://travis-ci.org/sindresorhus/read-pkg-up)\n\n> Read the closest package.json file\n\n\n## Why\n\n- [Finds the closest package.json](https://github.com/sindresorhus/find-up)\n- [Gracefully handles filesystem issues](https://github.com/isaacs/node-graceful-fs)\n- [Strips UTF-8 BOM](https://github.com/sindresorhus/strip-bom)\n- [Throws more helpful JSON errors](https://github.com/sindresorhus/parse-json)\n- [Normalizes the data](https://github.com/npm/normalize-package-data#what-normalization-currently-entails)\n\n\n## Install\n\n```\n$ npm install --save read-pkg-up\n```\n\n\n## Usage\n\n```js\nvar readPkgUp = require('read-pkg-up');\n\nreadPkgUp().then(function (result) {\n\tconsole.log(result);\n\t/*\n\t{\n\t\tpkg: {\n\t\t\tname: 'awesome-package',\n\t\t\tversion: '1.0.0',\n\t\t\t...\n\t\t},\n\t\tpath: '/Users/sindresorhus/dev/awesome-package'\n\t}\n\t*/\n});\n```\n\n\n## API\n\n### readPkgUp([options])\n\nReturns a promise that resolves to a result object.\n\n### readPkgUp.sync([options])\n\nReturns a result object.\n\n#### options\n\n##### cwd\n\nType: `string` \nDefault: `.`\n\nDirectory to start looking for a package.json file.\n\n##### normalize\n\nType: `boolean` \nDefault: `true`\n\n[Normalize](https://github.com/npm/normalize-package-data#what-normalization-currently-entails) the package data.\n\n\n## Related\n\n- [read-pkg](https://github.com/sindresorhus/read-pkg) - Read a package.json file\n- [find-up](https://github.com/sindresorhus/find-up) - Find a file by walking up parent directories\n- [pkg-conf](https://github.com/sindresorhus/pkg-conf) - Get namespaced config from the closest package.json\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg-up", + "error": "[Circular]", + "extraneous": false + }, + "require-main-filename": { + "_args": [ + [ + "require-main-filename@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "require-main-filename@1.0.1", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "require-main-filename@>=1.0.0 <2.0.0", + "_id": "require-main-filename@1.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/require-main-filename", + "_nodeVersion": "3.2.0", + "_npmOperationalInternal": { + "host": "packages-6-west.internal.npmjs.com", + "tmp": "tmp/require-main-filename-1.0.1.tgz_1455688492890_0.0750324921682477" + }, + "_npmUser": { + "email": "ben@npmjs.com", + "name": "bcoe" + }, + "_npmVersion": "3.3.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "require-main-filename@1.0.1", + "name": "require-main-filename", + "escapedName": "require-main-filename", + "rawSpec": "1.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-1.0.1.tgz", + "_shasum": "97f717b69d48784f5f526a6c5aa8ffdda055a4d1", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.1", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Ben Coe", + "email": "ben@npmjs.com" + }, + "bugs": { + "url": "https://github.com/yargs/require-main-filename/issues" + }, + "dependencies": {}, + "description": "shim for require.main.filename() that works in as many environments as possible", + "devDependencies": { + "chai": "^3.5.0", + "standard": "^6.0.5", + "tap": "^5.2.0" + }, + "directories": {}, + "dist": { + "shasum": "97f717b69d48784f5f526a6c5aa8ffdda055a4d1", + "tarball": "http://registry.npmjs.org/require-main-filename/-/require-main-filename-1.0.1.tgz" + }, + "gitHead": "6dd2291332bed764c56302ccdd14da8a213249a1", + "homepage": "https://github.com/yargs/require-main-filename#readme", + "keywords": [ + "require", + "shim", + "iisnode" + ], + "license": "ISC", + "main": "index.js", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + } + ], + "name": "require-main-filename", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+ssh://git@github.com/yargs/require-main-filename.git" + }, + "scripts": { + "pretest": "standard", + "test": "tap --coverage test.js" + }, + "version": "1.0.1", + "readme": "# require-main-filename\n\n[![Build Status](https://travis-ci.org/yargs/require-main-filename.png)](https://travis-ci.org/yargs/require-main-filename)\n[![Coverage Status](https://coveralls.io/repos/yargs/require-main-filename/badge.svg?branch=master)](https://coveralls.io/r/yargs/require-main-filename?branch=master)\n[![NPM version](https://img.shields.io/npm/v/require-main-filename.svg)](https://www.npmjs.com/package/require-main-filename)\n\n`require.main.filename` is great for figuring out the entry\npoint for the current application. This can be combined with a module like\n[pkg-conf](https://www.npmjs.com/package/pkg-conf) to, _as if by magic_, load\ntop-level configuration.\n\nUnfortunately, `require.main.filename` sometimes fails when an application is\nexecuted with an alternative process manager, e.g., [iisnode](https://github.com/tjanczuk/iisnode).\n\n`require-main-filename` is a shim that addresses this problem.\n\n## Usage\n\n```js\nvar main = require('require-main-filename')()\n// use main as an alternative to require.main.filename.\n```\n\n## License\n\nISC\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/require-main-filename", + "error": "[Circular]", + "extraneous": false + }, + "string-width": { + "_args": "[Circular]", + "_from": "string-width@>=1.0.1 <2.0.0", + "_id": "string-width@1.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/string-width", + "_nodeVersion": "0.12.5", + "_npmUser": "[Circular]", + "_npmVersion": "2.11.2", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "string-width@1.0.1", + "name": "string-width", + "escapedName": "string-width", + "rawSpec": "1.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.1" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz", + "_shasum": "c92129b6f1d7f52acf9af424a26e3864a05ceb0a", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.1", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": { + "code-point-at": { + "_args": [ + [ + "code-point-at@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/string-width" + ], + [ + "code-point-at@1.0.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "code-point-at@>=1.0.0 <2.0.0", + "_id": "code-point-at@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/code-point-at", + "_nodeVersion": "0.12.5", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "code-point-at@1.0.0", + "name": "code-point-at", + "escapedName": "code-point-at", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/string-width" + ], + "_resolved": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.0.0.tgz", + "_shasum": "f69b192d3f7d91e382e4b71bddb77878619ab0c6", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/code-point-at/issues" + }, + "dependencies": { + "number-is-nan": { + "_args": [ + [ + "number-is-nan@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/code-point-at" + ], + [ + "number-is-nan@1.0.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "number-is-nan@>=1.0.0 <2.0.0", + "_id": "number-is-nan@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/number-is-nan", + "_nodeVersion": "0.12.3", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.10.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "number-is-nan@1.0.0", + "name": "number-is-nan", + "escapedName": "number-is-nan", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/code-point-at", + "/bundle-dependencies/is-fullwidth-code-point" + ], + "_resolved": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.0.tgz", + "_shasum": "c020f529c5282adfdd233d91d4b181c3d686dc4b", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/number-is-nan/issues" + }, + "dependencies": {}, + "description": "ES6 Number.isNaN() ponyfill", + "devDependencies": { + "ava": "0.0.4" + }, + "directories": {}, + "dist": { + "shasum": "c020f529c5282adfdd233d91d4b181c3d686dc4b", + "tarball": "http://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "0f394b1bc33185c40304363b209e3f0588dbeeb3", + "homepage": "https://github.com/sindresorhus/number-is-nan#readme", + "keywords": [ + "es6", + "es2015", + "ecmascript", + "harmony", + "ponyfill", + "polyfill", + "shim", + "number", + "is", + "nan", + "not" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "number-is-nan", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/number-is-nan.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.0", + "readme": "# number-is-nan [![Build Status](https://travis-ci.org/sindresorhus/number-is-nan.svg?branch=master)](https://travis-ci.org/sindresorhus/number-is-nan)\n\n> ES6 [`Number.isNaN()`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Number/isNaN) ponyfill\n\n> Ponyfill: A polyfill that doesn't overwrite the native method\n\n\n## Install\n\n```\n$ npm install --save number-is-nan\n```\n\n\n## Usage\n\n```js\nvar numberIsNan = require('number-is-nan');\n\nnumberIsNan(NaN);\n//=> true\n\nnumberIsNan('unicorn');\n//=> false\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "ES2015 String#codePointAt() ponyfill", + "devDependencies": { + "ava": "0.0.4" + }, + "directories": {}, + "dist": { + "shasum": "f69b192d3f7d91e382e4b71bddb77878619ab0c6", + "tarball": "http://registry.npmjs.org/code-point-at/-/code-point-at-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "c2ffa4064718b37c84c73a633abeeed5b486a469", + "homepage": "https://github.com/sindresorhus/code-point-at", + "keywords": [ + "es2015", + "es6", + "ponyfill", + "polyfill", + "shim", + "string", + "str", + "code", + "point", + "at", + "codepoint", + "unicode" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "code-point-at", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/code-point-at.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.0", + "readme": "# code-point-at [![Build Status](https://travis-ci.org/sindresorhus/code-point-at.svg?branch=master)](https://travis-ci.org/sindresorhus/code-point-at)\n\n> ES2015 [`String#codePointAt()`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/codePointAt) ponyfill\n\n> Ponyfill: A polyfill that doesn't overwrite the native method\n\n\n## Install\n\n```\n$ npm install --save code-point-at\n```\n\n\n## Usage\n\n```js\nvar codePointAt = require('code-point-at');\n\ncodePointAt('🐴');\n//=> 128052\n\ncodePointAt('abc', 2);\n//=> 99\n```\n\n## API\n\n### codePointAt(input, [position])\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/code-point-at", + "error": "[Circular]", + "extraneous": false + }, + "is-fullwidth-code-point": { + "_args": [ + [ + "is-fullwidth-code-point@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/string-width" + ], + [ + "is-fullwidth-code-point@1.0.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "is-fullwidth-code-point@>=1.0.0 <2.0.0", + "_id": "is-fullwidth-code-point@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/is-fullwidth-code-point", + "_nodeVersion": "0.12.5", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "is-fullwidth-code-point@1.0.0", + "name": "is-fullwidth-code-point", + "escapedName": "is-fullwidth-code-point", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/string-width" + ], + "_resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz", + "_shasum": "ef9e31386f031a7f0d643af82fde50c457ef00cb", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues" + }, + "dependencies": { + "number-is-nan": { + "_args": "[Circular]", + "_from": "number-is-nan@>=1.0.0 <2.0.0", + "_id": "number-is-nan@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/number-is-nan", + "_nodeVersion": "0.12.3", + "_npmUser": "[Circular]", + "_npmVersion": "2.10.0", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "number-is-nan@1.0.0", + "name": "number-is-nan", + "escapedName": "number-is-nan", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.0.tgz", + "_shasum": "c020f529c5282adfdd233d91d4b181c3d686dc4b", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "ES6 Number.isNaN() ponyfill", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "0f394b1bc33185c40304363b209e3f0588dbeeb3", + "homepage": "https://github.com/sindresorhus/number-is-nan#readme", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "number-is-nan", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.0.0", + "readme": "# number-is-nan [![Build Status](https://travis-ci.org/sindresorhus/number-is-nan.svg?branch=master)](https://travis-ci.org/sindresorhus/number-is-nan)\n\n> ES6 [`Number.isNaN()`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Number/isNaN) ponyfill\n\n> Ponyfill: A polyfill that doesn't overwrite the native method\n\n\n## Install\n\n```\n$ npm install --save number-is-nan\n```\n\n\n## Usage\n\n```js\nvar numberIsNan = require('number-is-nan');\n\nnumberIsNan(NaN);\n//=> true\n\nnumberIsNan('unicorn');\n//=> false\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/number-is-nan" + } + }, + "description": "Check if the character represented by a given Unicode code point is fullwidth", + "devDependencies": { + "ava": "0.0.4", + "code-point-at": "^1.0.0" + }, + "directories": {}, + "dist": { + "shasum": "ef9e31386f031a7f0d643af82fde50c457ef00cb", + "tarball": "http://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "f2152d357f41f82785436d428e4f8ede143b7548", + "homepage": "https://github.com/sindresorhus/is-fullwidth-code-point", + "keywords": [ + "fullwidth", + "full-width", + "full", + "width", + "unicode", + "character", + "char", + "string", + "str", + "codepoint", + "code", + "point", + "is", + "detect", + "check" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "is-fullwidth-code-point", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/is-fullwidth-code-point.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.0", + "readme": "# is-fullwidth-code-point [![Build Status](https://travis-ci.org/sindresorhus/is-fullwidth-code-point.svg?branch=master)](https://travis-ci.org/sindresorhus/is-fullwidth-code-point)\n\n> Check if the character represented by a given [Unicode code point](https://en.wikipedia.org/wiki/Code_point) is [fullwidth](https://en.wikipedia.org/wiki/Halfwidth_and_fullwidth_forms)\n\n\n## Install\n\n```\n$ npm install --save is-fullwidth-code-point\n```\n\n\n## Usage\n\n```js\nvar isFullwidthCodePoint = require('is-fullwidth-code-point');\n\nisFullwidthCodePoint('谢'.codePointAt());\n//=> true\n\nisFullwidthCodePoint('a'.codePointAt());\n//=> false\n```\n\n\n## API\n\n### isFullwidthCodePoint(input)\n\n#### input\n\nType: `number`\n\n[Code point](https://en.wikipedia.org/wiki/Code_point) of a character.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point", + "error": "[Circular]", + "extraneous": false + }, + "strip-ansi": { + "_args": "[Circular]", + "_from": "strip-ansi@>=3.0.0 <4.0.0", + "_id": "strip-ansi@3.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/strip-ansi", + "_nodeVersion": "0.12.7", + "_npmOperationalInternal": "[Circular]", + "_npmUser": "[Circular]", + "_npmVersion": "2.11.3", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "strip-ansi@3.0.1", + "name": "strip-ansi", + "escapedName": "strip-ansi", + "rawSpec": "3.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "3.0.1" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "_shasum": "6a385fb8853d952d5ff05d0e8aaf94278dc63dcf", + "_shrinkwrap": "[Circular]", + "_spec": "3.0.1", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Strip ANSI escape codes", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "8270705c704956da865623e564eba4875c3ea17f", + "homepage": "https://github.com/chalk/strip-ansi", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "strip-ansi", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "3.0.1", + "readme": "# strip-ansi [![Build Status](https://travis-ci.org/chalk/strip-ansi.svg?branch=master)](https://travis-ci.org/chalk/strip-ansi)\n\n> Strip [ANSI escape codes](http://en.wikipedia.org/wiki/ANSI_escape_code)\n\n\n## Install\n\n```\n$ npm install --save strip-ansi\n```\n\n\n## Usage\n\n```js\nvar stripAnsi = require('strip-ansi');\n\nstripAnsi('\\u001b[4mcake\\u001b[0m');\n//=> 'cake'\n```\n\n\n## Related\n\n- [strip-ansi-cli](https://github.com/chalk/strip-ansi-cli) - CLI for this module\n- [has-ansi](https://github.com/chalk/has-ansi) - Check if a string has ANSI escape codes\n- [ansi-regex](https://github.com/chalk/ansi-regex) - Regular expression for matching ANSI escape codes\n- [chalk](https://github.com/chalk/chalk) - Terminal string styling done right\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/strip-ansi" + } + }, + "description": "Get the visual width of a string - the number of columns required to display it", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "f279cfd14835f0a3c8df69ba18e9a3960156e135", + "homepage": "https://github.com/sindresorhus/string-width", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "string-width", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.0.1", + "readme": "# string-width [![Build Status](https://travis-ci.org/sindresorhus/string-width.svg?branch=master)](https://travis-ci.org/sindresorhus/string-width)\n\n> Get the visual width of a string - the number of columns required to display it\n\nSome Unicode characters are [fullwidth](https://en.wikipedia.org/wiki/Halfwidth_and_fullwidth_forms) and use double the normal width.\n\nUseful to be able to measure the actual width of command-line output.\n\n\n## Install\n\n```\n$ npm install --save string-width\n```\n\n\n## Usage\n\n```js\nvar stringWidth = require('string-width');\n\nstringWidth('古');\n//=> 2\n\nstringWidth('\\u001b[1m古\\u001b[22m');\n//=> 2\n\nstringWidth('a');\n//=> 1\n```\n\n\n## Related\n\n- [string-width-cli](https://github.com/sindresorhus/string-width-cli) - CLI for this module\n- [string-length](https://github.com/sindresorhus/string-length) - Get the real length of a string\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "error": "[Circular]", + "extraneous": false + }, + "window-size": { + "_args": [ + [ + "window-size@^0.2.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "window-size@0.2.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "window-size@>=0.2.0 <0.3.0", + "_id": "window-size@0.2.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/window-size", + "_nodeVersion": "5.3.0", + "_npmUser": { + "email": "github@sellside.com", + "name": "jonschlinkert" + }, + "_npmVersion": "3.3.12", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "window-size@0.2.0", + "name": "window-size", + "escapedName": "window-size", + "rawSpec": "0.2.0", + "saveSpec": "[Circular]", + "fetchSpec": "0.2.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/window-size/-/window-size-0.2.0.tgz", + "_shasum": "b4315bb4214a3d7058ebeee892e13fa24d98b075", + "_shrinkwrap": "[Circular]", + "_spec": "0.2.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Jon Schlinkert", + "url": "https://github.com/jonschlinkert" + }, + "bin": { + "window-size": "cli.js" + }, + "bugs": { + "url": "https://github.com/jonschlinkert/window-size/issues" + }, + "dependencies": {}, + "description": "Reliable way to to get the height and width of the terminal/console in a node.js environment.", + "devDependencies": { + "semistandard": "^7.0.2", + "tap": "^2.2.1" + }, + "directories": {}, + "dist": { + "shasum": "b4315bb4214a3d7058ebeee892e13fa24d98b075", + "tarball": "http://registry.npmjs.org/window-size/-/window-size-0.2.0.tgz" + }, + "engines": { + "node": ">= 0.10.0" + }, + "files": [ + "index.js", + "cli.js" + ], + "gitHead": "538b4406a6f30c9a2c8f84ba38bb34a39775bd2b", + "homepage": "https://github.com/jonschlinkert/window-size", + "keywords": [ + "console", + "height", + "resize", + "size", + "terminal", + "tty", + "width", + "window" + ], + "license": "MIT", + "main": "index.js", + "maintainers": [ + { + "name": "jonschlinkert", + "email": "github@sellside.com" + }, + { + "name": "doowb", + "email": "brian.woodward@gmail.com" + } + ], + "name": "window-size", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/jonschlinkert/window-size.git" + }, + "scripts": { + "pretest": "semistandard", + "test": "tap --coverage test.js" + }, + "verb": { + "related": { + "list": [ + "yargs", + "lint-deps", + "base-cli" + ] + } + }, + "version": "0.2.0", + "readme": "# window-size [![NPM version](https://badge.fury.io/js/window-size.svg)](http://badge.fury.io/js/window-size) [![Build Status](https://travis-ci.org/jonschlinkert/window-size.svg)](https://travis-ci.org/jonschlinkert/window-size)\n\n> Reliable way to to get the height and width of the terminal/console in a node.js environment.\n\n## Install\n\nInstall with [npm](https://www.npmjs.com/)\n\n```sh\n$ npm i window-size --save\n```\n\n## Usage\n\n```js\nvar size = require('window-size');\nsize.height; // \"25\" (rows)\nsize.width; // \"80\" (columns)\n```\n\n## Other projects\n\n* [base-cli](https://www.npmjs.com/package/base-cli): Plugin for base-methods that maps built-in methods to CLI args (also supports methods from a… [more](https://www.npmjs.com/package/base-cli) | [homepage](https://github.com/jonschlinkert/base-cli)\n* [lint-deps](https://www.npmjs.com/package/lint-deps): CLI tool that tells you when dependencies are missing from package.json and offers you a… [more](https://www.npmjs.com/package/lint-deps) | [homepage](https://github.com/jonschlinkert/lint-deps)\n* [yargs](https://www.npmjs.com/package/yargs): Light-weight option parsing with an argv hash. No optstrings attached. | [homepage](https://github.com/bcoe/yargs#readme)\n\n## Contributing\n\nPull requests and stars are always welcome. For bugs and feature requests, [please create an issue](https://github.com/jonschlinkert/window-size/issues/new).\n\n## Author\n\n**Jon Schlinkert**\n\n+ [github/jonschlinkert](https://github.com/jonschlinkert)\n+ [twitter/jonschlinkert](http://twitter.com/jonschlinkert)\n\n## License\n\nCopyright © 2014-2015 [Jon Schlinkert](https://github.com/jonschlinkert)\nReleased under the MIT license.\n\n***\n\n_This file was generated by [verb-cli](https://github.com/assemble/verb-cli) on November 15, 2015._", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/window-size", + "error": "[Circular]", + "extraneous": false + }, + "y18n": { + "_args": [ + [ + "y18n@^3.2.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "y18n@3.2.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "y18n@>=3.2.0 <4.0.0", + "_id": "y18n@3.2.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/y18n", + "_nodeVersion": "0.12.7", + "_npmUser": { + "email": "andrewbgoode@gmail.com", + "name": "abg" + }, + "_npmVersion": "2.14.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "y18n@3.2.0", + "name": "y18n", + "escapedName": "y18n", + "rawSpec": "3.2.0", + "saveSpec": "[Circular]", + "fetchSpec": "3.2.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/y18n/-/y18n-3.2.0.tgz", + "_shasum": "3bec64c93b730d924a6148c765757932433e34c8", + "_shrinkwrap": "[Circular]", + "_spec": "3.2.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Ben Coe", + "email": "ben@npmjs.com" + }, + "bugs": { + "url": "https://github.com/bcoe/y18n/issues" + }, + "dependencies": {}, + "description": "the bare-bones internationalization library used by yargs", + "devDependencies": { + "chai": "^3.3.0", + "coveralls": "^2.11.4", + "mocha": "^2.3.3", + "nyc": "^3.2.2", + "rimraf": "^2.4.3", + "standard": "^5.3.1" + }, + "directories": {}, + "dist": { + "shasum": "3bec64c93b730d924a6148c765757932433e34c8", + "tarball": "http://registry.npmjs.org/y18n/-/y18n-3.2.0.tgz" + }, + "gitHead": "a92184823afa8cccef4c8100a0b79338f85ab089", + "homepage": "https://github.com/bcoe/y18n", + "keywords": [ + "i18n", + "internationalization", + "yargs" + ], + "license": "ISC", + "main": "index.js", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + }, + { + "name": "abg", + "email": "andrewbgoode@gmail.com" + } + ], + "name": "y18n", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+ssh://git@github.com/bcoe/y18n.git" + }, + "scripts": { + "coverage": "nyc report --reporter=text-lcov | coveralls", + "pretest": "standard", + "test": "nyc mocha" + }, + "version": "3.2.0", + "readme": "# y18n\n\n[![Build Status][travis-image]][travis-url]\n[![Coverage Status][coveralls-image]][coveralls-url]\n[![NPM version][npm-image]][npm-url]\n[![js-standard-style][standard-image]][standard-url]\n\nThe bare-bones internationalization library used by yargs.\n\nInspired by [i18n](https://www.npmjs.com/package/i18n).\n\n## Examples\n\n_simple string translation:_\n\n```js\nvar __ = require('y18n').__\n\nconsole.log(__('my awesome string %s', 'foo'))\n```\n\noutput:\n\n`my awesome string foo`\n\n_pluralization support:_\n\n```js\nvar __n = require('y18n').__n\n\nconsole.log(__n('one fish %s', '%d fishes %s', 2, 'foo'))\n```\n\noutput:\n\n`2 fishes foo`\n\n## JSON Language Files\n\nThe JSON language files should be stored in a `./locales` folder.\nFile names correspond to locales, e.g., `en.json`, `pirate.json`.\n\nWhen strings are observed for the first time they will be\nadded to the JSON file corresponding to the current locale.\n\n## Methods\n\n### require('y18n')(config)\n\nCreate an instance of y18n with the config provided, options include:\n\n* `directory`: the locale directory, default `./locales`.\n* `updateFiles`: should newly observed strings be updated in file, default `true`.\n* `locale`: what locale should be used.\n* `fallbackToLanguage`: should fallback to a language-only file (e.g. `en.json`)\n be allowed if a file matching the locale does not exist (e.g. `en_US.json`),\n default `true`.\n\n### y18n.\\_\\_(str, arg, arg, arg)\n\nPrint a localized string, `%s` will be replaced with `arg`s.\n\n### y18n.\\_\\_n(singularString, pluralString, count, arg, arg, arg)\n\nPrint a localized string with appropriate pluralization. If `%d` is provided\nin the string, the `count` will replace this placeholder.\n\n### y18n.setLocale(str)\n\nSet the current locale being used.\n\n### y18n.getLocale()\n\nWhat locale is currently being used?\n\n### y18n.updateLocale(obj)\n\nUpdate the current locale with the key value pairs in `obj`.\n\n## License\n\nISC\n\n[travis-url]: https://travis-ci.org/bcoe/y18n\n[travis-image]: https://img.shields.io/travis/bcoe/y18n.svg\n[coveralls-url]: https://coveralls.io/github/bcoe/y18n\n[coveralls-image]: https://img.shields.io/coveralls/bcoe/y18n.svg\n[npm-url]: https://npmjs.org/package/y18n\n[npm-image]: https://img.shields.io/npm/v/y18n.svg\n[standard-image]: https://img.shields.io/badge/code%20style-standard-brightgreen.svg\n[standard-url]: https://github.com/feross/standard\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/y18n", + "error": "[Circular]", + "extraneous": false + }, + "yargs-parser": { + "_args": [ + [ + "yargs-parser@^2.1.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "yargs-parser@2.1.0", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "yargs-parser@>=2.1.0 <3.0.0", + "_id": "yargs-parser@2.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/yargs-parser", + "_nodeVersion": "3.2.0", + "_npmOperationalInternal": { + "host": "packages-9-west.internal.npmjs.com", + "tmp": "tmp/yargs-parser-2.1.0.tgz_1455440640589_0.058524578576907516" + }, + "_npmUser": { + "email": "ben@npmjs.com", + "name": "bcoe" + }, + "_npmVersion": "3.3.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "yargs-parser@2.1.0", + "name": "yargs-parser", + "escapedName": "yargs-parser", + "rawSpec": "2.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-2.1.0.tgz", + "_shasum": "5f214362f948a085389abf34a78d8b5eef0b1350", + "_shrinkwrap": "[Circular]", + "_spec": "2.1.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Ben Coe", + "email": "ben@npmjs.com" + }, + "bugs": { + "url": "https://github.com/yargs/yargs-parser/issues" + }, + "dependencies": { + "camelcase": { + "_args": "[Circular]", + "_from": "camelcase@>=2.0.1 <3.0.0", + "_id": "camelcase@2.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/camelcase", + "_nodeVersion": "4.2.4", + "_npmUser": "[Circular]", + "_npmVersion": "3.6.0", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "camelcase@2.1.0", + "name": "camelcase", + "escapedName": "camelcase", + "rawSpec": "2.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.1.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/camelcase/-/camelcase-2.1.0.tgz", + "_shasum": "533ad4cd7f8a1080ded31aba6c79b4bf437ff30c", + "_shrinkwrap": "[Circular]", + "_spec": "2.1.0", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Convert a dash/dot/underscore/space separated string to camelCase: foo-bar → fooBar", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "9b73ccb3f48ab86eccb136c155f0eb2e67f40dc3", + "homepage": "https://github.com/sindresorhus/camelcase#readme", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "camelcase", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "2.1.0", + "readme": "# camelcase [![Build Status](https://travis-ci.org/sindresorhus/camelcase.svg?branch=master)](https://travis-ci.org/sindresorhus/camelcase)\n\n> Convert a dash/dot/underscore/space separated string to camelCase: `foo-bar` → `fooBar`\n\n\n## Install\n\n```\n$ npm install --save camelcase\n```\n\n\n## Usage\n\n```js\nconst camelCase = require('camelcase');\n\ncamelCase('foo-bar');\n//=> 'fooBar'\n\ncamelCase('foo_bar');\n//=> 'fooBar'\n\ncamelCase('Foo-Bar');\n//=> 'fooBar'\n\ncamelCase('--foo.bar');\n//=> 'fooBar'\n\ncamelCase('__foo__bar__');\n//=> 'fooBar'\n\ncamelCase('foo bar');\n//=> 'fooBar'\n\nconsole.log(process.argv[3]);\n//=> '--foo-bar'\ncamelCase(process.argv[3]);\n//=> 'fooBar'\n\ncamelCase('foo', 'bar');\n//=> 'fooBar'\n\ncamelCase('__foo__', '--bar');\n//=> 'fooBar'\n```\n\n\n## Related\n\n- [decamelize](https://github.com/sindresorhus/decamelize) - The inverse of this module\n- [uppercamelcase](https://github.com/SamVerschueren/uppercamelcase) - Like this module, but to PascalCase instead of camelCase\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/camelcase" + }, + "lodash.assign": { + "_args": [ + [ + "lodash.assign@^4.0.2", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs-parser" + ], + [ + "lodash.assign@4.0.3", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "lodash.assign@>=4.0.2 <5.0.0", + "_id": "lodash.assign@4.0.3", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/lodash.assign", + "_nodeVersion": "5.5.0", + "_npmOperationalInternal": { + "host": "packages-9-west.internal.npmjs.com", + "tmp": "tmp/lodash.assign-4.0.3.tgz_1455615071928_0.8044304654467851" + }, + "_npmUser": { + "email": "john.david.dalton@gmail.com", + "name": "jdalton" + }, + "_npmVersion": "2.14.18", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "lodash.assign@4.0.3", + "name": "lodash.assign", + "escapedName": "lodash.assign", + "rawSpec": "4.0.3", + "saveSpec": "[Circular]", + "fetchSpec": "4.0.3" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs-parser" + ], + "_resolved": "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.0.3.tgz", + "_shasum": "208252719b4375f361981c3ba3a8a09d1cbdb218", + "_shrinkwrap": "[Circular]", + "_spec": "4.0.3", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + "bugs": { + "url": "https://github.com/lodash/lodash/issues" + }, + "contributors": [ + { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + { + "name": "Blaine Bublitz", + "email": "blaine@iceddev.com", + "url": "https://github.com/phated" + }, + { + "name": "Mathias Bynens", + "email": "mathias@qiwi.be", + "url": "https://mathiasbynens.be/" + } + ], + "dependencies": { + "lodash.keys": { + "_args": [ + [ + "lodash.keys@^4.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/lodash.assign" + ], + [ + "lodash.keys@4.0.3", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "lodash.keys@>=4.0.0 <5.0.0", + "_id": "lodash.keys@4.0.3", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/lodash.keys", + "_nodeVersion": "5.5.0", + "_npmOperationalInternal": { + "host": "packages-6-west.internal.npmjs.com", + "tmp": "tmp/lodash.keys-4.0.3.tgz_1455615421513_0.2519911821000278" + }, + "_npmUser": { + "email": "john.david.dalton@gmail.com", + "name": "jdalton" + }, + "_npmVersion": "2.14.18", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "lodash.keys@4.0.3", + "name": "lodash.keys", + "escapedName": "lodash.keys", + "rawSpec": "4.0.3", + "saveSpec": "[Circular]", + "fetchSpec": "4.0.3" + }, + "_requiredBy": [ + "/bundle-dependencies/lodash.assign" + ], + "_resolved": "https://registry.npmjs.org/lodash.keys/-/lodash.keys-4.0.3.tgz", + "_shasum": "f698bb75edfae6f690db9e11908157732fe7b342", + "_shrinkwrap": "[Circular]", + "_spec": "4.0.3", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + "bugs": { + "url": "https://github.com/lodash/lodash/issues" + }, + "contributors": [ + { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + { + "name": "Blaine Bublitz", + "email": "blaine@iceddev.com", + "url": "https://github.com/phated" + }, + { + "name": "Mathias Bynens", + "email": "mathias@qiwi.be", + "url": "https://mathiasbynens.be/" + } + ], + "dependencies": {}, + "description": "The lodash method `_.keys` exported as a module.", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "f698bb75edfae6f690db9e11908157732fe7b342", + "tarball": "http://registry.npmjs.org/lodash.keys/-/lodash.keys-4.0.3.tgz" + }, + "homepage": "https://lodash.com/", + "icon": "https://lodash.com/icon.svg", + "keywords": [ + "lodash-modularized", + "keys" + ], + "license": "MIT", + "maintainers": [ + { + "name": "jdalton", + "email": "john.david.dalton@gmail.com" + }, + { + "name": "mathias", + "email": "mathias@qiwi.be" + }, + { + "name": "phated", + "email": "blaine@iceddev.com" + } + ], + "name": "lodash.keys", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/lodash/lodash.git" + }, + "scripts": { + "test": "echo \"See https://travis-ci.org/lodash/lodash-cli for testing details.\"" + }, + "version": "4.0.3", + "readme": "# lodash.keys v4.0.3\n\nThe [lodash](https://lodash.com/) method `_.keys` exported as a [Node.js](https://nodejs.org/) module.\n\n## Installation\n\nUsing npm:\n```bash\n$ {sudo -H} npm i -g npm\n$ npm i --save lodash.keys\n```\n\nIn Node.js:\n```js\nvar keys = require('lodash.keys');\n```\n\nSee the [documentation](https://lodash.com/docs#keys) or [package source](https://github.com/lodash/lodash/blob/4.0.3-npm-packages/lodash.keys) for more details.\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.keys", + "error": "[Circular]", + "extraneous": false + }, + "lodash.rest": { + "_args": [ + [ + "lodash.rest@^4.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/lodash.assign" + ], + [ + "lodash.rest@4.0.1", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "lodash.rest@>=4.0.0 <5.0.0", + "_id": "lodash.rest@4.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/lodash.rest", + "_nodeVersion": "5.4.0", + "_npmOperationalInternal": { + "host": "packages-5-east.internal.npmjs.com", + "tmp": "tmp/lodash.rest-4.0.1.tgz_1454484670768_0.6682933256961405" + }, + "_npmUser": { + "email": "john.david.dalton@gmail.com", + "name": "jdalton" + }, + "_npmVersion": "2.14.15", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "lodash.rest@4.0.1", + "name": "lodash.rest", + "escapedName": "lodash.rest", + "rawSpec": "4.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "4.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/lodash.assign" + ], + "_resolved": "https://registry.npmjs.org/lodash.rest/-/lodash.rest-4.0.1.tgz", + "_shasum": "cbecbb84e68e499a1b242baf9b27bb63ef4dd980", + "_shrinkwrap": "[Circular]", + "_spec": "4.0.1", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + "bugs": { + "url": "https://github.com/lodash/lodash/issues" + }, + "contributors": [ + { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + { + "name": "Blaine Bublitz", + "email": "blaine@iceddev.com", + "url": "https://github.com/phated" + }, + { + "name": "Mathias Bynens", + "email": "mathias@qiwi.be", + "url": "https://mathiasbynens.be/" + } + ], + "dependencies": {}, + "description": "The lodash method `_.rest` exported as a module.", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "cbecbb84e68e499a1b242baf9b27bb63ef4dd980", + "tarball": "http://registry.npmjs.org/lodash.rest/-/lodash.rest-4.0.1.tgz" + }, + "homepage": "https://lodash.com/", + "icon": "https://lodash.com/icon.svg", + "keywords": [ + "lodash-modularized", + "rest" + ], + "license": "MIT", + "maintainers": [ + { + "name": "jdalton", + "email": "john.david.dalton@gmail.com" + }, + { + "name": "mathias", + "email": "mathias@qiwi.be" + }, + { + "name": "phated", + "email": "blaine@iceddev.com" + } + ], + "name": "lodash.rest", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/lodash/lodash.git" + }, + "scripts": { + "test": "echo \"See https://travis-ci.org/lodash/lodash-cli for testing details.\"" + }, + "version": "4.0.1", + "readme": "# lodash.rest v4.0.1\n\nThe [lodash](https://lodash.com/) method `_.rest` exported as a [Node.js](https://nodejs.org/) module.\n\n## Installation\n\nUsing npm:\n```bash\n$ {sudo -H} npm i -g npm\n$ npm i --save lodash.rest\n```\n\nIn Node.js:\n```js\nvar rest = require('lodash.rest');\n```\n\nSee the [documentation](https://lodash.com/docs#rest) or [package source](https://github.com/lodash/lodash/blob/4.0.1-npm-packages/lodash.rest) for more details.\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.rest", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "The lodash method `_.assign` exported as a module.", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "208252719b4375f361981c3ba3a8a09d1cbdb218", + "tarball": "http://registry.npmjs.org/lodash.assign/-/lodash.assign-4.0.3.tgz" + }, + "homepage": "https://lodash.com/", + "icon": "https://lodash.com/icon.svg", + "keywords": [ + "lodash-modularized", + "assign" + ], + "license": "MIT", + "maintainers": [ + { + "name": "jdalton", + "email": "john.david.dalton@gmail.com" + }, + { + "name": "mathias", + "email": "mathias@qiwi.be" + }, + { + "name": "phated", + "email": "blaine@iceddev.com" + } + ], + "name": "lodash.assign", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/lodash/lodash.git" + }, + "scripts": { + "test": "echo \"See https://travis-ci.org/lodash/lodash-cli for testing details.\"" + }, + "version": "4.0.3", + "readme": "# lodash.assign v4.0.3\n\nThe [lodash](https://lodash.com/) method `_.assign` exported as a [Node.js](https://nodejs.org/) module.\n\n## Installation\n\nUsing npm:\n```bash\n$ {sudo -H} npm i -g npm\n$ npm i --save lodash.assign\n```\n\nIn Node.js:\n```js\nvar assign = require('lodash.assign');\n```\n\nSee the [documentation](https://lodash.com/docs#assign) or [package source](https://github.com/lodash/lodash/blob/4.0.3-npm-packages/lodash.assign) for more details.\n", + "readmeFilename": "README.md", + "_dependencies": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.assign", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "the mighty option parser used by yargs", + "devDependencies": { + "chai": "^3.5.0", + "coveralls": "^2.11.6", + "mocha": "^2.4.5", + "nyc": "^5.6.0", + "standard": "^5.4.1" + }, + "directories": {}, + "dist": { + "shasum": "5f214362f948a085389abf34a78d8b5eef0b1350", + "tarball": "http://registry.npmjs.org/yargs-parser/-/yargs-parser-2.1.0.tgz" + }, + "gitHead": "78f49ffde9a3305facb66b2faeae862b33d0745e", + "homepage": "https://github.com/yargs/yargs-parser#readme", + "keywords": [ + "argument", + "parser", + "yargs", + "command", + "cli", + "parsing", + "option", + "args", + "argument" + ], + "license": "ISC", + "main": "index.js", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + } + ], + "name": "yargs-parser", + "optionalDependencies": {}, + "repository": { + "url": "git+ssh://git@github.com/yargs/yargs-parser.git" + }, + "scripts": { + "coverage": "nyc report --reporter=text-lcov | coveralls", + "pretest": "standard", + "test": "nyc mocha test/*.js" + }, + "version": "2.1.0", + "readme": "# yargs-parser\n\n[![Build Status](https://travis-ci.org/yargs/yargs-parser.png)](https://travis-ci.org/yargs/yargs-parser)\n[![Coverage Status](https://coveralls.io/repos/yargs/yargs-parser/badge.svg?branch=)](https://coveralls.io/r/yargs/yargs-parser?branch=master)\n[![NPM version](https://img.shields.io/npm/v/yargs-parser.svg)](https://www.npmjs.com/package/yargs-parser)\n[![Windows Tests](https://img.shields.io/appveyor/ci/bcoe/yargs-parser/master.svg?label=Windows%20Tests)](https://ci.appveyor.com/project/bcoe/yargs-parser)\n\nThe mighty option parser used by [yargs](https://github.com/bcoe/yargs).\n\nvisit the [yargs website](http://yargs.js.org/) for more examples, and thorough usage instructions.\n\n\n\n## Example\n\n```sh\nnpm i yargs-parser --save\n```\n\n```js\nvar argv = require('yargs-parser')(process.argv.slice(2));\nconsole.log(argv)\n```\n\n```sh\nnode example.js --foo=33 --bar hello\n{ _: [], foo: 33, bar: 'hello' }\n```\n\n_or parse a string!_\n\n```js\nvar argv = require('./')('--foo=99 --bar=33');\nconsole.log(argv)\n```\n\n```sh\n{ _: [], foo: 99, bar: 33 }\n```\n\n## API\n\n### require('yargs-parser')(args, opts={})\n\nParses command line arguments returning a simple mapping of keys and values.\n\n**expects:**\n\n* `args`: an array or string representing the options to parse.\n* `opts`: provide a set of hints indicating how `args` should be parsed:\n * `opts.alias`: an object representing the set of aliases for a key: `{alias: {foo: ['f']}}`.\n * `opts.array`: indicate that keys should be parsed as an array: `{array: ['foo', 'bar']}`.\n * `opts.boolean`: arguments should be parsed as booleans: `{boolean: ['x', 'y']}`.\n * `opts.config`: indicate a key that represents a path to a configuration file (this file will be loaded and parsed).\n * `opts.count`: indicate a key that should be used as a counter, e.g., `-vvv` = `{v: 3}`.\n * `opts.default`: provide default values for keys: `{default: {x: 33, y: 'hello world!'}}`.\n * `opts.envPrefix`: environment variables (`process.env`) with the prefix provided should be parsed.\n * `opts.narg`: specify that a key requires `n` arguments: `{narg: {x: 2}}`.\n * `opts.normalize`: `path.normalize()` will be applied to values set to this key.\n * `opts.string`: keys should be treated as strings (even if they resemble a number `-x 33`).\n * `opts.configuration`: provide configuration options to the yargs-parser (see: [configuration](#configuration)).\n * `opts.number`: keys should be treated as numbers.\n\n**returns:**\n\n* `obj`: an object representing the parsed value of `args`\n * `key/value`: key value pairs for each argument and their aliases.\n * `_`: an array representing the positional arguments.\n\n### require('yargs-parser').detailed(args, opts={})\n\nParses a command line string, returning detailed information required by the\nyargs engine.\n\n**expects:**\n\n* `args`: an array or string representing options to parse.\n* `opts`: provide a set of hints indicating how `args`, inputs are identical to `require('yargs-parser')(args, opts={})`.\n\n**returns:**\n\n* `argv`: an object representing the parsed value of `args`\n * `key/value`: key value pairs for each argument and their aliases.\n * `_`: an array representing the positional arguments.\n* `error`: populated with an error object if an exception occurred during parsing.\n* `aliases`: the inferred list of aliases built by combining lists in `opts.alias`.\n* `newAliases`: any new aliases added via camel-case expansion.\n* `configuration`: the configuration loaded from the `yargs` stanza in package.json.\n\n\n### Configuration\n\nThe yargs-parser applies several automated transformations on the keys provided\nin `args`. These features can be turned on and off using the `configuration` field\nof `opts`.\n\n```js\nvar parsed = parser(['--no-dice'], {\n configuration: {\n 'boolean-negation': false\n }\n})\n```\n\n### short option groups\n\n* default: `true`.\n* key: `short-option-groups`.\n\nShould a group of short-options be treated as boolean flags?\n\n```sh\nnode example.js -abc\n{ _: [], a: true, b: true, c: true }\n```\n\n_if disabled:_\n\n```sh\nnode example.js -abc\n{ _: [], abc: true }\n```\n\n### camel-case expansion\n\n* default: `true`.\n* key: `camel-case-expansion`.\n\nShould hyphenated arguments be expanded into camel-case aliases?\n\n```sh\nnode example.js --foo-bar\n{ _: [], 'foo-bar': true, fooBar: true }\n```\n\n_if disabled:_\n\n```sh\nnode example.js --foo-bar\n{ _: [], 'foo-bar': true }\n```\n\n### dot-notation\n\n* default: `true`\n* key: `dot-notation`\n\nShould keys that contain `.` be treated as objects?\n\n```sh\nnode example.js --foo.bar\n{ _: [], foo: { bar: true } }\n```\n\n_if disabled:_\n\n```sh\nnode example.js --foo.bar\n{ _: [], \"foo.bar\": true }\n```\n\n### parse numbers\n\n* default: `true`\n* key: 'parse-numbers'\n\nShould keys that look like numbers be treated as such?\n\n```sh\nnode example.js --foo=99.3\n{ _: [], foo: 99.3 }\n```\n\n_if disabled:_\n\n```sh\nnode example.js --foo=99.3\n{ _: [], foo: \"99.3\" }\n```\n\n### boolean negation\n\n* default: `true`\n* key: 'boolean-negation'\n\nShould variables prefixed with `--no` be treated as negations?\n\n```sh\nnode example.js --no-foo\n{ _: [], foo: false }\n```\n\n_if disabled:_\n\n```sh\nnode example.js --no-foo\n{ _: [], \"no-foo\": true }\n```\n\n## Special Thanks\n\nThe yargs project evolves from optimist and minimist. It owes its\nexistence to a lot of James Halliday's hard work. Thanks [substack](https://github.com/substack) **beep** **boop** \\o/\n\n## License\n\nISC\n", + "readmeFilename": "README.md", + "_dependencies": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs-parser", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Light-weight option parsing with an argv hash. No optstrings attached.", + "devDependencies": { + "chai": "^3.4.1", + "chalk": "^1.1.1", + "coveralls": "^2.11.4", + "cpr": "^1.0.0", + "es6-promise": "^3.0.2", + "hashish": "0.0.4", + "mocha": "^2.4.5", + "nyc": "^5.2.0", + "rimraf": "^2.5.0", + "standard": "^6.0.5", + "which": "^1.1.2", + "win-spawn": "^2.0.0" + }, + "directories": {}, + "dist": { + "shasum": "035e5ea466ac7fea584b00353e33eae4082b9894", + "tarball": "http://registry.npmjs.org/yargs/-/yargs-4.1.0.tgz" + }, + "engine": { + "node": ">=0.10" + }, + "files": [ + "index.js", + "lib", + "locales", + "completion.sh.hbs", + "LICENSE" + ], + "gitHead": "3808fabcd36645a1c855385e62c31fd5917ee447", + "homepage": "http://yargs.js.org/", + "keywords": [ + "argument", + "args", + "option", + "parser", + "parsing", + "cli", + "command" + ], + "license": "MIT", + "main": "./index.js", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + }, + { + "name": "chevex", + "email": "alex.ford@codetunnel.com" + }, + { + "name": "nexdrew", + "email": "andrew@npmjs.com" + }, + { + "name": "nylen", + "email": "jnylen@gmail.com" + } + ], + "name": "yargs", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+ssh://git@github.com/bcoe/yargs.git" + }, + "scripts": { + "coverage": "nyc report --reporter=text-lcov | coveralls", + "pretest": "standard", + "test": "nyc --cache mocha --require ./test/before.js --timeout=4000 --check-leaks" + }, + "standard": { + "ignore": [ + "**/example/**" + ] + }, + "version": "4.1.0", + "readme": "yargs\n========\n\nYargs be a node.js library fer hearties tryin' ter parse optstrings.\n\nWith yargs, ye be havin' a map that leads straight to yer treasure! Treasure of course, being a simple option hash.\n\n[![Build Status][travis-image]][travis-url]\n[![Dependency Status][gemnasium-image]][gemnasium-url]\n[![Coverage Status][coveralls-image]][coveralls-url]\n[![NPM version][npm-image]][npm-url]\n[![Windows Tests][windows-image]][windows-url]\n[![js-standard-style][standard-image]](standard-url)\n\n> Yargs is the official successor to optimist. Please feel free to submit issues and pull requests. If you'd like to contribute and don't know where to start, have a look at [the issue list](https://github.com/bcoe/yargs/issues) :)\n\nexamples\n========\n\nWith yargs, the options be just a hash!\n-------------------------------------------------------------------\n\nplunder.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs').argv;\n\nif (argv.ships > 3 && argv.distance < 53.5) {\n console.log('Plunder more riffiwobbles!');\n}\nelse {\n console.log('Retreat from the xupptumblers!');\n}\n````\n\n***\n\n $ ./plunder.js --ships=4 --distance=22\n Plunder more riffiwobbles!\n\n $ ./plunder.js --ships 12 --distance 98.7\n Retreat from the xupptumblers!\n\n![Joe was one optimistic pirate.](http://i.imgur.com/4WFGVJ9.png)\n\nBut don't walk the plank just yet! There be more! You can do short options:\n-------------------------------------------------\n\nshort.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs').argv;\nconsole.log('(%d,%d)', argv.x, argv.y);\n````\n\n***\n\n $ ./short.js -x 10 -y 21\n (10,21)\n\nAnd booleans, both long, short, and even grouped:\n----------------------------------\n\nbool.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs').argv;\n\nif (argv.s) {\n process.stdout.write(argv.fr ? 'Le perroquet dit: ' : 'The parrot says: ');\n}\nconsole.log(\n (argv.fr ? 'couac' : 'squawk') + (argv.p ? '!' : '')\n);\n````\n\n***\n\n $ ./bool.js -s\n The parrot says: squawk\n\n $ ./bool.js -sp\n The parrot says: squawk!\n\n $ ./bool.js -sp --fr\n Le perroquet dit: couac!\n\nAnd non-hyphenated options too! Just use `argv._`!\n-------------------------------------------------\n\nnonopt.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs').argv;\nconsole.log('(%d,%d)', argv.x, argv.y);\nconsole.log(argv._);\n````\n\n***\n\n $ ./nonopt.js -x 6.82 -y 3.35 rum\n (6.82,3.35)\n [ 'rum' ]\n\n $ ./nonopt.js \"me hearties\" -x 0.54 yo -y 1.12 ho\n (0.54,1.12)\n [ 'me hearties', 'yo', 'ho' ]\n\nYargs even counts your booleans!\n----------------------------------------------------------------------\n\ncount.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .count('verbose')\n .alias('v', 'verbose')\n .argv;\n\nVERBOSE_LEVEL = argv.verbose;\n\nfunction WARN() { VERBOSE_LEVEL >= 0 && console.log.apply(console, arguments); }\nfunction INFO() { VERBOSE_LEVEL >= 1 && console.log.apply(console, arguments); }\nfunction DEBUG() { VERBOSE_LEVEL >= 2 && console.log.apply(console, arguments); }\n\nWARN(\"Showing only important stuff\");\nINFO(\"Showing semi-important stuff too\");\nDEBUG(\"Extra chatty mode\");\n````\n\n***\n $ node count.js\n Showing only important stuff\n\n $ node count.js -v\n Showing only important stuff\n Showing semi-important stuff too\n\n $ node count.js -vv\n Showing only important stuff\n Showing semi-important stuff too\n Extra chatty mode\n\n $ node count.js -v --verbose\n Showing only important stuff\n Showing semi-important stuff too\n Extra chatty mode\n\nTell users how to use yer options and make demands.\n-------------------------------------------------\n\narea.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .usage('Usage: $0 -w [num] -h [num]')\n .demand(['w','h'])\n .argv;\n\nconsole.log(\"The area is:\", argv.w * argv.h);\n````\n\n***\n\n $ ./area.js -w 55 -h 11\n The area is: 605\n\n $ node ./area.js -w 4.91 -w 2.51\n Usage: area.js -w [num] -h [num]\n\n Options:\n -w [required]\n -h [required]\n\n Missing required arguments: h\n\nAfter yer demands have been met, demand more! Ask for non-hyphenated arguments!\n-----------------------------------------\n\ndemand_count.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .demand(2)\n .argv;\nconsole.dir(argv);\n````\n\n***\n\n\t$ ./demand_count.js a\n\n\tNot enough non-option arguments: got 1, need at least 2\n\n\t$ ./demand_count.js a b\n\t{ _: [ 'a', 'b' ], '$0': 'demand_count.js' }\n\n\t$ ./demand_count.js a b c\n\t{ _: [ 'a', 'b', 'c' ], '$0': 'demand_count.js' }\n\nEVEN MORE SHIVER ME TIMBERS!\n------------------\n\ndefault_singles.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .default('x', 10)\n .default('y', 10)\n .argv\n;\nconsole.log(argv.x + argv.y);\n````\n\n***\n\n $ ./default_singles.js -x 5\n 15\n\ndefault_hash.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .default({ x : 10, y : 10 })\n .argv\n;\nconsole.log(argv.x + argv.y);\n````\n\n***\n\n $ ./default_hash.js -y 7\n 17\n\nAnd if you really want to get all descriptive about it...\n---------------------------------------------------------\n\nboolean_single.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .boolean('v')\n .argv\n;\nconsole.dir(argv.v);\nconsole.dir(argv._);\n````\n\n***\n\n $ ./boolean_single.js -v \"me hearties\" yo ho\n true\n [ 'me hearties', 'yo', 'ho' ]\n\n\nboolean_double.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .boolean(['x','y','z'])\n .argv\n;\nconsole.dir([ argv.x, argv.y, argv.z ]);\nconsole.dir(argv._);\n````\n\n***\n\n $ ./boolean_double.js -x -z one two three\n [ true, false, true ]\n [ 'one', 'two', 'three' ]\n\nYargs is here to help you...\n---------------------------\n\nYe can describe parameters fer help messages and set aliases. Yargs figures\nout how ter format a handy help string automatically.\n\nline_count.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .usage('Usage: $0 [options]')\n .command('count', 'Count the lines in a file')\n .demand(1)\n .example('$0 count -f foo.js', 'count the lines in the given file')\n .demand('f')\n .alias('f', 'file')\n .nargs('f', 1)\n .describe('f', 'Load a file')\n .help('h')\n .alias('h', 'help')\n .epilog('copyright 2015')\n .argv;\n\nvar fs = require('fs');\nvar s = fs.createReadStream(argv.file);\n\nvar lines = 0;\ns.on('data', function (buf) {\n lines += buf.toString().match(/\\n/g).length;\n});\n\ns.on('end', function () {\n console.log(lines);\n});\n````\n\n***\n $ node line_count.js count\n Usage: line_count.js [options]\n\n Commands:\n count Count the lines in a file\n\n Options:\n -f, --file Load a file [required]\n -h, --help Show help [boolean]\n\n Examples:\n line_count.js count -f foo.js count the lines in the given file\n\n copyright 2015\n\n Missing required arguments: f\n\n $ node line_count.js count --file line_count.js\n 26\n\n $ node line_count.js count -f line_count.js\n 26\n\nmethods\n=======\n\nBy itself,\n\n````javascript\nrequire('yargs').argv\n````\n\nwill use the `process.argv` array to construct the `argv` object.\n\nYou can pass in the `process.argv` yourself:\n\n````javascript\nrequire('yargs')([ '-x', '1', '-y', '2' ]).argv\n````\n\nor use `.parse()` to do the same thing:\n\n````javascript\nrequire('yargs').parse([ '-x', '1', '-y', '2' ])\n````\n\nThe rest of these methods below come in just before the terminating `.argv`.\n\n.alias(key, alias)\n------------------\n\nSet key names as equivalent such that updates to a key will propagate to aliases\nand vice-versa.\n\nOptionally `.alias()` can take an object that maps keys to aliases.\nEach key of this object should be the canonical version of the option, and each\nvalue should be a string or an array of strings.\n\n.argv\n-----\n\nGet the arguments as a plain old object.\n\nArguments without a corresponding flag show up in the `argv._` array.\n\nThe script name or node command is available at `argv.$0` similarly to how `$0`\nworks in bash or perl.\n\nIf `yargs` is executed in an environment that embeds node and there's no script name (e.g.\n[Electron](http://electron.atom.io/) or [nw.js](http://nwjs.io/)), it will ignore the first parameter since it\nexpects it to be the script name. In order to override this behavior, use `.parse(process.argv.slice(1))`\ninstead of `.argv` and the first parameter won't be ignored.\n\n.array(key)\n----------\n\nTell the parser to interpret `key` as an array. If `.array('foo')` is set,\n`--foo foo bar` will be parsed as `['foo', 'bar']` rather than as `'foo'`.\n\n.boolean(key)\n-------------\n\nInterpret `key` as a boolean. If a non-flag option follows `key` in\n`process.argv`, that string won't get set as the value of `key`.\n\n`key` will default to `false`, unless a `default(key, undefined)` is\nexplicitly set.\n\nIf `key` is an array, interpret all the elements as booleans.\n\n.check(fn)\n----------\n\nCheck that certain conditions are met in the provided arguments.\n\n`fn` is called with two arguments, the parsed `argv` hash and an array of options and their aliases.\n\nIf `fn` throws or returns a non-truthy value, show the thrown error, usage information, and\nexit.\n\n.choices(key, choices)\n----------------------\n\nLimit valid values for `key` to a predefined set of `choices`, given as an array\nor as an individual value.\n\n```js\nvar argv = require('yargs')\n .alias('i', 'ingredient')\n .describe('i', 'choose your sandwich ingredients')\n .choices('i', ['peanut-butter', 'jelly', 'banana', 'pickles'])\n .help('help')\n .argv\n```\n\nIf this method is called multiple times, all enumerated values will be merged\ntogether. Choices are generally strings or numbers, and value matching is\ncase-sensitive.\n\nOptionally `.choices()` can take an object that maps multiple keys to their\nchoices.\n\nChoices can also be specified as `choices` in the object given to `option()`.\n\n```js\nvar argv = require('yargs')\n .option('size', {\n alias: 's',\n describe: 'choose a size',\n choices: ['xs', 's', 'm', 'l', 'xl']\n })\n .argv\n```\n\n.command(cmd, desc, [builder], [handler])\n-------------------\n.command(cmd, desc, [module])\n-------------------\n\nDocument the commands exposed by your application.\n\nUse `desc` to provide a description for each command your application accepts (the\nvalues stored in `argv._`). Set `desc` to `false` to create a hidden command.\nHidden commands don't show up in the help output and aren't available for\ncompletion.\n\nOptionally, you can provide a `builder` object to give hints about the\noptions that your command accepts:\n\n```js\nyargs.command('get', 'make a get HTTP request', {\n url: {\n alias: 'u',\n default: 'http://yargs.js.org/'\n }\n })\n .help()\n .argv\n```\n\n`builder` can also be a function. This function is executed\nwith a `yargs` instance, and can be used to provide _advanced_ command specific help:\n\n```js\nyargs.command('get', 'make a get HTTP request', function (yargs) {\n return yargs.option('url', {\n alias: 'u',\n default: 'http://yargs.js.org/'\n })\n })\n .help()\n .argv\n```\n\nYou can also provide a handler function, which will be executed with the\nparsed `argv` object:\n\n```js\nyargs\n .command(\n 'get',\n 'make a get HTTP request',\n function (yargs) {\n return yargs.option('u', {\n alias: 'url',\n describe: 'the URL to make an HTTP request to'\n })\n },\n function (argv) {\n console.log(argv.url)\n }\n )\n .help()\n .argv\n```\n\n### Positional Arguments\n\nCommands can accept _optional_ and _required_ positional arguments. Required\npositional arguments take the form ``, and optional arguments\ntake the form `[bar]`. The parsed positional arguments will be populated in\n`argv`:\n\n```js\nyargs.command('get [proxy]', 'make a get HTTP request')\n .help()\n .argv\n```\n\n### Providing a Command Module\n\nFor complicated commands you can pull the logic into a module. A module\nsimply needs to export:\n\n* `exports.builder`: which describes the options that a command accepts.\n* `exports.handler`: a function which will be passed the parsed argv.\n\n```js\n// my-module.js\nexports.builder = {\n banana: {\n default: 'cool'\n },\n batman: {\n default: 'sad'\n }\n}\n\nexports.handler = function (argv) {\n // do something with argv.\n}\n```\n\nYou then register the module like so:\n\n```js\nyargs.command('get [proxy]', 'make a get HTTP request', require('my-module'))\n .help()\n .argv\n```\n\n.completion(cmd, [description], [fn]);\n-------------\n\nEnable bash-completion shortcuts for commands and options.\n\n`cmd`: When present in `argv._`, will result in the `.bashrc` completion script\nbeing outputted. To enable bash completions, concat the generated script to your\n`.bashrc` or `.bash_profile`.\n\n`description`: Provide a description in your usage instructions for the command\nthat generates bash completion scripts.\n\n`fn`: Rather than relying on yargs' default completion functionality, which\nshiver me timbers is pretty awesome, you can provide your own completion\nmethod.\n\n```js\nvar argv = require('yargs')\n .completion('completion', function(current, argv) {\n // 'current' is the current command being completed.\n // 'argv' is the parsed arguments so far.\n // simply return an array of completions.\n return [\n 'foo',\n 'bar'\n ];\n })\n .argv;\n```\n\nYou can also provide asynchronous completions.\n\n```js\nvar argv = require('yargs')\n .completion('completion', function(current, argv, done) {\n setTimeout(function() {\n done([\n 'apple',\n 'banana'\n ]);\n }, 500);\n })\n .argv;\n```\n\nBut wait, there's more! You can return an asynchronous promise.\n\n```js\nvar argv = require('yargs')\n .completion('completion', function(current, argv, done) {\n return new Promise(function (resolve, reject) {\n setTimeout(function () {\n resolve(['apple', 'banana'])\n }, 10)\n })\n })\n .argv;\n```\n\n.config(key, [description], [parseFn])\n------------\n\nTells the parser that if the option specified by `key` is passed in, it\nshould be interpreted as a path to a JSON config file. The file is loaded\nand parsed, and its properties are set as arguments.\n\nAn optional `description` can be provided to customize the config (`key`) option\nin the usage string.\n\nAn optional `parseFn` can be used to provide a custom parser. The parsing\nfunction must be synchronous, and should return an object containing\nkey value pairs or an error.\n\n```js\nvar argv = require('yargs')\n .config('settings', function (configPath) {\n return JSON.parse(fs.readFileSync(configPath, 'utf-8'))\n })\n .argv\n```\n\n.count(key)\n------------\n\nInterpret `key` as a boolean flag, but set its parsed value to the number of\nflag occurrences rather than `true` or `false`. Default value is thus `0`.\n\n.default(key, value, [description])\n--------------------\n\nSet `argv[key]` to `value` if no option was specified in `process.argv`.\n\nOptionally `.default()` can take an object that maps keys to default values.\n\nBut wait, there's more! The default value can be a `function` which returns\na value. The name of the function will be used in the usage string:\n\n```js\nvar argv = require('yargs')\n .default('random', function randomValue() {\n return Math.random() * 256;\n }).argv;\n```\n\nOptionally, `description` can also be provided and will take precedence over\ndisplaying the value in the usage instructions:\n\n```js\n.default('timeout', 60000, '(one-minute)')\n```\n\n.demand(key, [msg | boolean])\n------------------------------\n.demand(count, [max], [msg])\n------------------------------\n\nIf `key` is a string, show the usage information and exit if `key` wasn't\nspecified in `process.argv`.\n\nIf `key` is a number, demand at least as many non-option arguments, which show\nup in `argv._`. A second number can also optionally be provided, which indicates\nthe maximum number of non-option arguments.\n\nIf `key` is an array, demand each element.\n\nIf a `msg` string is given, it will be printed when the argument is missing,\ninstead of the standard error message. This is especially helpful for the non-option arguments in `argv._`.\n\nIf a `boolean` value is given, it controls whether the option is demanded;\nthis is useful when using `.options()` to specify command line parameters.\n\nA combination of `.demand(1)` and `.strict()` will allow you to require a user to pass at least one command:\n\n```js\nvar argv = require('yargs')\n .command('install', 'tis a mighty fine package to install')\n .demand(1)\n .strict()\n .argv\n```\n\nSimilarly, you can require a command and arguments at the same time:\n\n```js\nvar argv = require('yargs')\n .command('install', 'tis a mighty fine package to install')\n .demand(1, ['w', 'm'])\n .strict()\n .argv\n```\n\n.describe(key, desc)\n--------------------\n\nDescribe a `key` for the generated usage information.\n\nOptionally `.describe()` can take an object that maps keys to descriptions.\n\n.detectLocale(boolean)\n-----------\n\nShould yargs attempt to detect the os' locale? Defaults to `true`.\n\n.env([prefix])\n--------------\n\nTell yargs to parse environment variables matching the given prefix and apply\nthem to argv as though they were command line arguments.\n\nIf this method is called with no argument or with an empty string or with `true`,\nthen all env vars will be applied to argv.\n\nProgram arguments are defined in this order of precedence:\n\n1. Command line args\n2. Config file\n3. Env var\n4. Configured defaults\n\n```js\nvar argv = require('yargs')\n .env('MY_PROGRAM')\n .option('f', {\n alias: 'fruit-thing',\n default: 'apple'\n })\n .argv\nconsole.log(argv)\n```\n\n```\n$ node fruity.js\n{ _: [],\n f: 'apple',\n 'fruit-thing': 'apple',\n fruitThing: 'apple',\n '$0': 'fruity.js' }\n```\n\n```\n$ MY_PROGRAM_FRUIT_THING=banana node fruity.js\n{ _: [],\n fruitThing: 'banana',\n f: 'banana',\n 'fruit-thing': 'banana',\n '$0': 'fruity.js' }\n```\n\n```\n$ MY_PROGRAM_FRUIT_THING=banana node fruity.js -f cat\n{ _: [],\n f: 'cat',\n 'fruit-thing': 'cat',\n fruitThing: 'cat',\n '$0': 'fruity.js' }\n```\n\nEnv var parsing is disabled by default, but you can also explicitly disable it\nby calling `.env(false)`, e.g. if you need to undo previous configuration.\n\n.epilog(str)\n------------\n.epilogue(str)\n--------------\n\nA message to print at the end of the usage instructions, e.g.\n\n```js\nvar argv = require('yargs')\n .epilogue('for more information, find our manual at http://example.com');\n```\n\n.example(cmd, desc)\n-------------------\n\nGive some example invocations of your program. Inside `cmd`, the string\n`$0` will get interpolated to the current script name or node command for the\npresent script similar to how `$0` works in bash or perl.\nExamples will be printed out as part of the help message.\n\n.exitProcess(enable)\n----------------------------------\n\nBy default, yargs exits the process when the user passes a help flag, uses the\n`.version` functionality, or when validation fails. Calling\n`.exitProcess(false)` disables this behavior, enabling further actions after\nyargs have been validated.\n\n.fail(fn)\n---------\n\nMethod to execute when a failure occurs, rather than printing the failure message.\n\n`fn` is called with the failure message that would have been printed.\n\n.global(globals)\n------------\n\nIndicate that an option (or group of options) should not be reset when a command\nis executed, as an example:\n\n```js\nvar argv = require('yargs')\n .option('a', {\n alias: 'all',\n default: true\n })\n .option('n', {\n alias: 'none',\n default: true\n })\n .command('foo', 'foo command', function (yargs) {\n return yargs.option('b', {\n alias: 'bar'\n })\n })\n .help('help')\n .global('a')\n .argv\n```\n\nIf the `foo` command is executed the `all` option will remain, but the `none`\noption will have been eliminated.\n\n`help`, `version`, and `completion` options default to being global.\n\n.group(key(s), groupName)\n--------------------\n\nGiven a key, or an array of keys, places options under an alternative heading\nwhen displaying usage instructions, e.g.,\n\n```js\nvar yargs = require('yargs')(['--help'])\n .help()\n .group('batman', 'Heroes:')\n .describe('batman', \"world's greatest detective\")\n .wrap(null)\n .argv\n```\n***\n Heroes:\n --batman world's greatest detective\n\n Options:\n --help Show help [boolean]\n\n.help([option, [description]])\n------------------------------\n\nAdd an option (e.g. `--help`) that displays the usage string and exits the\nprocess. If present, the `description` parameter customizes the description of\nthe help option in the usage string.\n\nIf invoked without parameters, `.help()` will make `--help` the option to trigger\nhelp output.\n\nExample:\n\n```js\nvar yargs = require(\"yargs\")['--help']\n .usage(\"$0 -operand1 number -operand2 number -operation [add|subtract]\");\n .help()\n```\n\nLater on, `argv` can be retrieved with `yargs.argv`.\n\n.implies(x, y)\n--------------\n\nGiven the key `x` is set, it is required that the key `y` is set.\n\nOptionally `.implies()` can accept an object specifying multiple implications.\n\n.locale()\n---------\n\nReturn the locale that yargs is currently using.\n\nBy default, yargs will auto-detect the operating system's locale so that\nyargs-generated help content will display in the user's language.\n\nTo override this behavior with a static locale, pass the desired locale as a\nstring to this method (see below).\n\n.locale(locale)\n---------------\n\nOverride the auto-detected locale from the user's operating system with a static\nlocale. Note that the OS locale can be modified by setting/exporting the `LC_ALL`\nenvironment variable.\n\n```js\nvar argv = require('yargs')\n .usage('./$0 - follow ye instructions true')\n .option('option', {\n alias: 'o',\n describe: \"'tis a mighty fine option\",\n demand: true\n })\n .command('run', \"Arrr, ya best be knowin' what yer doin'\")\n .example('$0 run foo', \"shiver me timbers, here's an example for ye\")\n .help('help')\n .wrap(70)\n .locale('pirate')\n .argv\n```\n\n***\n\n```shell\n./test.js - follow ye instructions true\n\nChoose yer command:\n run Arrr, ya best be knowin' what yer doin'\n\nOptions for me hearties!\n --option, -o 'tis a mighty fine option [requi-yar-ed]\n --help Parlay this here code of conduct [boolean]\n\nEx. marks the spot:\n test.js run foo shiver me timbers, here's an example for ye\n\nYe be havin' to set the followin' argument land lubber: option\n```\n\nLocales currently supported:\n\n* **de:** German.\n* **en:** American English.\n* **es:** Spanish.\n* **fr:** French.\n* **id:** Indonesian.\n* **ja:** Japanese.\n* **ko:** Korean.\n* **nb:** Norwegian Bokmål.\n* **pirate:** American Pirate.\n* **pt:** Portuguese.\n* **pt_BR:** Brazilian Portuguese.\n* **tr:** Turkish.\n* **zh:** Chinese.\n\nTo submit a new translation for yargs:\n\n1. use `./locales/en.json` as a starting point.\n2. submit a pull request with the new locale file.\n\n*The [Microsoft Terminology Search](http://www.microsoft.com/Language/en-US/Search.aspx) can be useful for finding the correct terminology in your locale.*\n\n.nargs(key, count)\n-----------\n\nThe number of arguments that should be consumed after a key. This can be a\nuseful hint to prevent parsing ambiguity. For example:\n\n```js\nvar argv = require('yargs')\n .nargs('token', 1)\n .parse(['--token', '-my-token']);\n```\n\nparses as:\n\n`{ _: [], token: '-my-token', '$0': 'node test' }`\n\nOptionally `.nargs()` can take an object of `key`/`narg` pairs.\n\n.normalize(key)\n---------------\n\nThe key provided represents a path and should have `path.normalize()` applied.\n\n.option(key, opt)\n-----------------\n.options(key, opt)\n------------------\n\nInstead of chaining together `.alias().demand().default().describe().string()`, you can specify\nkeys in `opt` for each of the chainable methods.\n\nFor example:\n\n````javascript\nvar argv = require('yargs')\n .option('f', {\n alias: 'file',\n demand: true,\n default: '/etc/passwd',\n describe: 'x marks the spot',\n type: 'string'\n })\n .argv\n;\n````\n\nis the same as\n\n````javascript\nvar argv = require('yargs')\n .alias('f', 'file')\n .demand('f')\n .default('f', '/etc/passwd')\n .describe('f', 'x marks the spot')\n .string('f')\n .argv\n;\n````\n\nOptionally `.options()` can take an object that maps keys to `opt` parameters.\n\n````javascript\nvar argv = require('yargs')\n .options({\n 'f': {\n alias: 'file',\n demand: true,\n default: '/etc/passwd',\n describe: 'x marks the spot',\n type: 'string'\n }\n })\n .argv\n;\n````\n\nValid `opt` keys include:\n\n- `alias`: string or array of strings, alias(es) for the canonical option key, see [`alias()`](#alias)\n- `array`: boolean, interpret option as an array, see [`array()`](#array)\n- `boolean`: boolean, interpret option as a boolean flag, see [`boolean()`](#boolean)\n- `choices`: value or array of values, limit valid option arguments to a predefined set, see [`choices()`](#choices)\n- `config`: boolean, interpret option as a path to a JSON config file, see [`config()`](#config)\n- `configParser`: function, provide a custom config parsing function, see [`config()`](#config)\n- `count`: boolean, interpret option as a count of boolean flags, see [`count()`](#count)\n- `default`: value, set a default value for the option, see [`default()`](#default)\n- `defaultDescription`: string, use this description for the default value in help content, see [`default()`](#default)\n- `demand`/`require`/`required`: boolean or string, demand the option be given, with optional error message, see [`demand()`](#demand)\n- `desc`/`describe`/`description`: string, the option description for help content, see [`describe()`](#describe)\n- `global`: boolean, indicate that this key should not be [reset](#reset) when a command is invoked, see [`global()`](#global)\n- `group`: string, when displaying usage instructions place the option under an alternative group heading, see [`group()`](#group)\n- `nargs`: number, specify how many arguments should be consumed for the option, see [`nargs()`](#nargs)\n- `normalize`: The option should be normalized, see [`normalize()`](#normalize)\n- `requiresArg`: boolean, require the option be specified with a value, see [`requiresArg()`](#requiresArg)\n- `string`: boolean, interpret option as a string, see [`string()`](#string)\n- `number`: number, keys are treated as numbers, [`number()`](#number)\n- `type`: one of the following strings\n - `'array'`: synonymous for `array: true`, see [`array()`](#array)\n - `'boolean'`: synonymous for `boolean: true`, see [`boolean()`](#boolean)\n - `'count'`: synonymous for `count: true`, see [`count()`](#count)\n - `'string'`: synonymous for `string: true`, see [`string()`](#string)\n - `'number'`: synonymous for `number: true`, see [`number()`](#number)\n\n.parse(args)\n------------\n\nParse `args` instead of `process.argv`. Returns the `argv` object.\n\n`args` may either be a pre-processed argv array, or a raw argument string.\n\n.pkgConf(key, [cwd])\n------------\n\nSimilar to [`config()`](#config), indicates that yargs should read\ndefault argument values from the specified key in package.json.\n\n`cwd` can optionally be provided, the package.json will be read\nfrom this location.\n\n.require(key, [msg | boolean])\n------------------------------\n.required(key, [msg | boolean])\n------------------------------\n\nAn alias for [`demand()`](#demand). See docs there.\n\n.requiresArg(key)\n-----------------\n\nSpecifies either a single option key (string), or an array of options that\nmust be followed by option values. If any option value is missing, show the\nusage information and exit.\n\nThe default behavior is to set the value of any key not followed by an\noption value to `true`.\n\n.reset()\n--------\n\nReset the argument object built up so far. This is useful for\ncreating nested command line interfaces. Use [global](#global)\nto specify keys that should not be reset.\n\n```js\nvar yargs = require('yargs')\n .usage('$0 command')\n .command('hello', 'hello command')\n .command('world', 'world command')\n .demand(1, 'must provide a valid command'),\n argv = yargs.argv,\n command = argv._[0];\n\nif (command === 'hello') {\n yargs.reset()\n .usage('$0 hello')\n .help('h')\n .example('$0 hello', 'print the hello message!')\n .argv\n\n console.log('hello!');\n} else if (command === 'world'){\n yargs.reset()\n .usage('$0 world')\n .help('h')\n .example('$0 world', 'print the world message!')\n .argv\n\n console.log('world!');\n} else {\n yargs.showHelp();\n}\n```\n\n.showCompletionScript()\n----------------------\n\nGenerate a bash completion script. Users of your application can install this\nscript in their `.bashrc`, and yargs will provide completion shortcuts for\ncommands and options.\n\n.showHelp(consoleLevel='error')\n---------------------------\n\nPrint the usage data using the [`console`](https://nodejs.org/api/console.html) function `consoleLevel` for printing.\n\nExample:\n\n```js\nvar yargs = require(\"yargs\")\n .usage(\"$0 -operand1 number -operand2 number -operation [add|subtract]\");\nyargs.showHelp(); //prints to stderr using console.error()\n```\n\nOr, to print the usage data to `stdout` instead, you can specify the use of `console.log`:\n\n```js\nyargs.showHelp(\"log\"); //prints to stdout using console.log()\n```\n\nLater on, `argv` can be retrieved with `yargs.argv`.\n\n.showHelpOnFail(enable, [message])\n----------------------------------\n\nBy default, yargs outputs a usage string if any error is detected. Use the\n`.showHelpOnFail()` method to customize this behavior. If `enable` is `false`,\nthe usage string is not output. If the `message` parameter is present, this\nmessage is output after the error message.\n\nline_count.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .usage('Count the lines in a file.\\nUsage: $0 -f ')\n .demand('f')\n .alias('f', 'file')\n .describe('f', 'Load a file')\n .string('f')\n .showHelpOnFail(false, 'Specify --help for available options')\n .help('help')\n .argv;\n\n// etc.\n````\n\n***\n\n```\n$ node line_count.js\nMissing argument value: f\n\nSpecify --help for available options\n```\n\n.strict()\n---------\n\nAny command-line argument given that is not demanded, or does not have a\ncorresponding description, will be reported as an error.\n\n.string(key)\n------------\n\nTell the parser logic not to interpret `key` as a number or boolean.\nThis can be useful if you need to preserve leading zeros in an input.\n\nIf `key` is an array, interpret all the elements as strings.\n\n`.string('_')` will result in non-hyphenated arguments being interpreted as strings,\nregardless of whether they resemble numbers.\n\n.number([key])\n------------\nSpecify options with a numeric argument.\n\nIf an argument is not provided with the option, will return `undefined`.\n\nIf a non-numeric argument is provided, will return a `NaN`.\n\n```js\nvar argv = require('yargs')\n .number(['n'])\n .argv\n```\n\n.updateLocale(obj)\n------------------\n.updateStrings(obj)\n------------------\n\nOverride the default strings used by yargs with the key/value\npairs provided in `obj`:\n\n```js\nvar argv = require('yargs')\n .command('run', 'the run command')\n .help('help')\n .updateStrings({\n 'Commands:': 'My Commands -->\\n'\n })\n .wrap(null)\n .argv\n```\n\n***\n\n```shell\nMy Commands -->\n\n run the run command\n\nOptions:\n --help Show help [boolean]\n```\n\nIf you explicitly specify a `locale()`, you should do so *before* calling\n`updateStrings()`.\n\n.usage(message, [opts])\n---------------------\n\nSet a usage message to show which commands to use. Inside `message`, the string\n`$0` will get interpolated to the current script name or node command for the\npresent script similar to how `$0` works in bash or perl.\n\n`opts` is optional and acts like calling `.options(opts)`.\n\n.version([option], [description], [version])\n----------------------------------------\n\nAdd an option (e.g. `--version`) that displays the version number (given by the\n`version` parameter) and exits the process.\n\nIf no arguments are passed to `version` (`.version()`), yargs will parse the `package.json`\nof your module and use its `version` value. The default value of `option` is `--version`.\n\nYou can provide a `function` for version, rather than a string.\nThis is useful if you want to use a version stored in a location other than package.json:\n\n```js\nvar argv = require('yargs')\n .version(function() {\n return require('../lib/version').version;\n })\n .argv;\n```\n\n.wrap(columns)\n--------------\n\nFormat usage output to wrap at `columns` many columns.\n\nBy default wrap will be set to `Math.min(80, windowWidth)`. Use `.wrap(null)` to\nspecify no column limit (no right-align). Use `.wrap(yargs.terminalWidth())` to\nmaximize the width of yargs' usage instructions.\n\nparsing tricks\n==============\n\nstop parsing\n------------\n\nUse `--` to stop parsing flags and stuff the remainder into `argv._`.\n\n $ node examples/reflect.js -a 1 -b 2 -- -c 3 -d 4\n { _: [ '-c', '3', '-d', '4' ],\n a: 1,\n b: 2,\n '$0': 'examples/reflect.js' }\n\nnegate fields\n-------------\n\nIf you want to explicitly set a field to false instead of just leaving it\nundefined or to override a default you can do `--no-key`.\n\n $ node examples/reflect.js -a --no-b\n { _: [], a: true, b: false, '$0': 'examples/reflect.js' }\n\nnumbers\n-------\n\nEvery argument that looks like a number (`!isNaN(Number(arg))`) is converted to\none. This way you can just `net.createConnection(argv.port)` and you can add\nnumbers out of `argv` with `+` without having that mean concatenation,\nwhich is super frustrating.\n\nduplicates\n----------\n\nIf you specify a flag multiple times it will get turned into an array containing\nall the values in order.\n\n $ node examples/reflect.js -x 5 -x 8 -x 0\n { _: [], x: [ 5, 8, 0 ], '$0': 'examples/reflect.js' }\n\ndot notation\n------------\n\nWhen you use dots (`.`s) in argument names, an implicit object path is assumed.\nThis lets you organize arguments into nested objects.\n\n $ node examples/reflect.js --foo.bar.baz=33 --foo.quux=5\n { _: [],\n foo: { bar: { baz: 33 }, quux: 5 },\n '$0': 'examples/reflect.js' }\n\nshort numbers\n-------------\n\nShort numeric `-n5` style arguments work too:\n\n $ node examples/reflect.js -n123 -m456\n { _: [], n: 123, m: 456, '$0': 'examples/reflect.js' }\n\ninstallation\n============\n\nWith [npm](https://github.com/npm/npm), just do:\n\n npm install yargs\n\nor clone this project on github:\n\n git clone http://github.com/bcoe/yargs.git\n\nTo run the tests with npm, just do:\n\n npm test\n\nconfiguration\n=============\n\nUsing the `yargs` stanza in your `package.json` you can turn on and off\nsome of yargs' parsing features:\n\n```json\n{\n \"yargs\": {\n \"short-option-groups\": true,\n \"camel-case-expansion\": true,\n \"dot-notation\": true,\n \"parse-numbers\": true,\n \"boolean-negation\": true\n }\n}\n```\n\nSee the [yargs-parser](https://github.com/yargs/yargs-parser#configuration) module\nfor detailed documentation of this feature.\n\ninspired by\n===========\n\nThis module is loosely inspired by Perl's\n[Getopt::Casual](http://search.cpan.org/~photo/Getopt-Casual-0.13.1/Casual.pm).\n\n[travis-url]: https://travis-ci.org/bcoe/yargs\n[travis-image]: https://img.shields.io/travis/bcoe/yargs.svg\n[gemnasium-url]: https://gemnasium.com/bcoe/yargs\n[gemnasium-image]: https://img.shields.io/gemnasium/bcoe/yargs.svg\n[coveralls-url]: https://coveralls.io/github/bcoe/yargs\n[coveralls-image]: https://img.shields.io/coveralls/bcoe/yargs.svg\n[npm-url]: https://www.npmjs.com/package/yargs\n[npm-image]: https://img.shields.io/npm/v/yargs.svg\n[windows-url]: https://ci.appveyor.com/project/bcoe/yargs\n[windows-image]: https://img.shields.io/appveyor/ci/bcoe/yargs/master.svg?label=Windows%20Tests\n[standard-image]: https://img.shields.io/badge/code%20style-standard-brightgreen.svg\n[standard-url]: http://standardjs.com/\n", + "readmeFilename": "README.md", + "_dependencies": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs", + "error": "[Circular]", + "extraneous": false + } + }, + "deprecated": false, + "description": "Generates bundledDependencies package.json value using values of the dependencies property.", + "devDependencies": { + "pragmatist": "^3.0.9" + }, + "homepage": "https://github.com/gajus/bundle-dependencies#readme", + "keywords": [ + "npm", + "bundle", + "dependencies" + ], + "license": "BSD-3-Clause", + "main": "./dist/index.js", + "name": "bundle-dependencies", + "repository": { + "type": "git", + "url": "git+https://github.com/gajus/bundle-dependencies.git" + }, + "scripts": { + "build": "npm run pragmatist build", + "lint": "npm run pragmatist lint", + "pragmatist": "pragmatist --es5", + "test": "", + "watch": "npm run pragmatist watch", + "watch-build": "npm run pragmatist watch-build", + "watch-lint": "npm run pragmatist watch-lint", + "watch-test": "" + }, + "version": "1.0.2", + "readme": "# bundle-dependencies\n\n[![NPM version](http://img.shields.io/npm/v/bundle-dependencies.svg?style=flat-square)](https://www.npmjs.org/package/bundle-dependencies)\n[![Travis build status](http://img.shields.io/travis/gajus/bundle-dependencies/master.svg?style=flat-square)](https://travis-ci.org/gajus/bundle-dependencies)\n[![js-canonical-style](https://img.shields.io/badge/code%20style-canonical-blue.svg?style=flat-square)](https://github.com/gajus/canonical)\n\nGenerates [`bundledDependencies`](https://docs.npmjs.com/files/package.json#bundleddependencies) `package.json` value using values of the dependencies property. Updates `package.json` definition using the generated `bundledDependencies` value.\n\n## Install\n\n```sh\nnpm install bundle-dependencies\n```\n\nAdd to `package.json`:\n\n```json\n{\n \"scripts\": {\n \"bundle-dependencies\": \"bundle-dependencies\"\n }\n}\n```\n\n## Options\n\n```sh\nbundle-dependencies --help\n```\n\n```\nCommands:\n list-bundled-dependencies Lists names of bundled dependencies.\n update Updates package.json bundledDependencies\n definition.\n\nOptions:\n --help Show help [boolean]\n```\n\n```sh\nbundle-dependencies update --help\n```\n\n```\nOptions:\n --help Show help [boolean]\n --exclude A space-separated list of dependencies not to include in the\n bundledDependencies definition. [array] [default: []]\n```\n\n## Usage\n\nTo simply update `bundledDependencies` of the `package.json` in the current working directory, execute the script:\n\n```sh\nnpm run bundle-dependencies update\n```\n\n## Publishing\n\nWhen publishing a package using `bundledDependencies` property, make sure that your `nodu_modules/` directory includes only bundled dependencies, i.e. the module must be install using `npm install --production [list of bundled dependencies]`. Use this script to do it:\n\n```json\n{\n \"bundle-publish\": \"npm run bundle-dependencies update; git commit -m 'Bundled dependencies.' ./package.json; git push; rm -fr ./node_modules; npm install --production $(bundle-dependencies list-bundled-dependencies); npm dedupe; npm prune; npm publish; npm install;\"\n}\n```\n", + "readmeFilename": "README.md", + "_args": [ + [ + "bundle-dependencies@1.0.2", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "optionalDependencies": {}, + "_dependencies": { + "yargs": "^4.1.0" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies", + "error": "[Circular]", + "extraneous": false + } + }, + "readme": "ERROR: No README data found!", + "_id": "demo-bundled-deps@0.0.0", + "_shrinkwrap": { + "name": "demo-bundled-deps", + "version": "0.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "bundle-dependencies": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "requires": { + "yargs": "^4.1.0" + }, + "dependencies": { + "ansi-regex": { + "version": "2.0.0", + "bundled": true + }, + "builtin-modules": { + "version": "1.1.1", + "bundled": true + }, + "camelcase": { + "version": "2.1.0", + "bundled": true + }, + "cliui": { + "version": "3.1.0", + "bundled": true, + "requires": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + } + }, + "code-point-at": { + "version": "1.0.0", + "bundled": true, + "requires": { + "number-is-nan": "^1.0.0" + } + }, + "decamelize": { + "version": "1.1.2", + "bundled": true, + "requires": { + "escape-string-regexp": "^1.0.4" + } + }, + "error-ex": { + "version": "1.3.0", + "bundled": true, + "requires": { + "is-arrayish": "^0.2.1" + } + }, + "escape-string-regexp": { + "version": "1.0.5", + "bundled": true + }, + "find-up": { + "version": "1.1.0", + "bundled": true, + "requires": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + } + }, + "graceful-fs": { + "version": "4.1.3", + "bundled": true + }, + "hosted-git-info": { + "version": "2.1.4", + "bundled": true + }, + "invert-kv": { + "version": "1.0.0", + "bundled": true + }, + "is-arrayish": { + "version": "0.2.1", + "bundled": true + }, + "is-builtin-module": { + "version": "1.0.0", + "bundled": true, + "requires": { + "builtin-modules": "^1.0.0" + } + }, + "is-fullwidth-code-point": { + "version": "1.0.0", + "bundled": true, + "requires": { + "number-is-nan": "^1.0.0" + } + }, + "is-utf8": { + "version": "0.2.1", + "bundled": true + }, + "lcid": { + "version": "1.0.0", + "bundled": true, + "requires": { + "invert-kv": "^1.0.0" + } + }, + "load-json-file": { + "version": "1.1.0", + "bundled": true, + "requires": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + } + }, + "lodash.assign": { + "version": "4.0.3", + "bundled": true, + "requires": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + } + }, + "lodash.keys": { + "version": "4.0.3", + "bundled": true + }, + "lodash.rest": { + "version": "4.0.1", + "bundled": true + }, + "normalize-package-data": { + "version": "2.3.5", + "bundled": true, + "requires": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + } + }, + "number-is-nan": { + "version": "1.0.0", + "bundled": true + }, + "object-assign": { + "version": "4.0.1", + "bundled": true + }, + "os-locale": { + "version": "1.4.0", + "bundled": true, + "requires": { + "lcid": "^1.0.0" + } + }, + "parse-json": { + "version": "2.2.0", + "bundled": true, + "requires": { + "error-ex": "^1.2.0" + } + }, + "path-exists": { + "version": "2.1.0", + "bundled": true, + "requires": { + "pinkie-promise": "^2.0.0" + } + }, + "path-type": { + "version": "1.1.0", + "bundled": true, + "requires": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + } + }, + "pify": { + "version": "2.3.0", + "bundled": true + }, + "pinkie": { + "version": "2.0.4", + "bundled": true + }, + "pinkie-promise": { + "version": "2.0.0", + "bundled": true, + "requires": { + "pinkie": "^2.0.0" + } + }, + "pkg-conf": { + "version": "1.1.1", + "bundled": true, + "requires": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + } + }, + "read-pkg": { + "version": "1.1.0", + "bundled": true, + "requires": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + } + }, + "read-pkg-up": { + "version": "1.0.1", + "bundled": true, + "requires": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + } + }, + "require-main-filename": { + "version": "1.0.1", + "bundled": true + }, + "semver": { + "version": "5.1.0", + "bundled": true + }, + "spdx-correct": { + "version": "1.0.2", + "bundled": true, + "requires": { + "spdx-license-ids": "^1.0.2" + } + }, + "spdx-exceptions": { + "version": "1.0.4", + "bundled": true + }, + "spdx-expression-parse": { + "version": "1.0.2", + "bundled": true, + "requires": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + } + }, + "spdx-license-ids": { + "version": "1.2.0", + "bundled": true + }, + "string-width": { + "version": "1.0.1", + "bundled": true, + "requires": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + } + }, + "strip-ansi": { + "version": "3.0.1", + "bundled": true, + "requires": { + "ansi-regex": "^2.0.0" + } + }, + "strip-bom": { + "version": "2.0.0", + "bundled": true, + "requires": { + "is-utf8": "^0.2.0" + } + }, + "symbol": { + "version": "0.2.1", + "bundled": true + }, + "validate-npm-package-license": { + "version": "3.0.1", + "bundled": true, + "requires": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + } + }, + "window-size": { + "version": "0.2.0", + "bundled": true + }, + "wrap-ansi": { + "version": "1.0.0", + "bundled": true, + "requires": { + "string-width": "^1.0.1" + } + }, + "y18n": { + "version": "3.2.0", + "bundled": true + }, + "yargs": { + "version": "4.1.0", + "bundled": true, + "requires": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + } + }, + "yargs-parser": { + "version": "2.1.0", + "bundled": true, + "requires": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + } + } + } + } + } + }, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": { + "bundle-dependencies": "1.0.2" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "error": "[Circular]", + "extraneous": false +} diff --git a/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm6_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm6_node22_ubuntu-latest.json new file mode 100644 index 00000000..928a3112 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm6_node22_ubuntu-latest.json @@ -0,0 +1,6759 @@ +{ + "name": "demo-bundled-deps", + "private": true, + "version": "0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "license": "Apache-2.0", + "dependencies": { + "bundle-dependencies": { + "_from": "bundle-dependencies@1.0.2", + "_id": "bundle-dependencies@1.0.2", + "_integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "_location": "/bundle-dependencies", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "bundle-dependencies@1.0.2", + "name": "bundle-dependencies", + "escapedName": "bundle-dependencies", + "rawSpec": "1.0.2", + "saveSpec": null, + "fetchSpec": "1.0.2" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "_shasum": "9a5e4fa98cc7eaacf76215ee41361d1d580368a9", + "_spec": "1.0.2", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Gajus Kuizinas", + "email": "gajus@gajus.com", + "url": "http://gajus.com" + }, + "bin": { + "bundle-dependencies": "dist/bin/index.js" + }, + "bugs": { + "url": "https://github.com/gajus/bundle-dependencies/issues" + }, + "bundleDependencies": [ + "yargs" + ], + "dependencies": { + "yargs": { + "_args": [ + [ + "yargs@^4.1.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies" + ], + [ + "yargs@4.1.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "yargs@>=4.1.0 <5.0.0", + "_id": "yargs@4.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/yargs", + "_nodeVersion": "3.2.0", + "_npmOperationalInternal": { + "host": "packages-5-east.internal.npmjs.com", + "tmp": "tmp/yargs-4.1.0.tgz_1455554454146_0.05233815615065396" + }, + "_npmUser": { + "email": "ben@npmjs.com", + "name": "bcoe" + }, + "_npmVersion": "3.3.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "yargs@4.1.0", + "name": "yargs", + "escapedName": "yargs", + "rawSpec": "4.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "4.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies" + ], + "_resolved": "https://registry.npmjs.org/yargs/-/yargs-4.1.0.tgz", + "_shasum": "035e5ea466ac7fea584b00353e33eae4082b9894", + "_shrinkwrap": "[Circular]", + "_spec": "4.1.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "bugs": { + "url": "https://github.com/bcoe/yargs/issues" + }, + "dependencies": { + "camelcase": { + "_args": [ + [ + "camelcase@^2.0.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "camelcase@2.1.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "camelcase@>=2.0.1 <3.0.0", + "_id": "camelcase@2.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/camelcase", + "_nodeVersion": "4.2.4", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "3.6.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "camelcase@2.1.0", + "name": "camelcase", + "escapedName": "camelcase", + "rawSpec": "2.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs", + "/bundle-dependencies/yargs-parser" + ], + "_resolved": "https://registry.npmjs.org/camelcase/-/camelcase-2.1.0.tgz", + "_shasum": "533ad4cd7f8a1080ded31aba6c79b4bf437ff30c", + "_shrinkwrap": "[Circular]", + "_spec": "2.1.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "http://sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/camelcase/issues" + }, + "dependencies": {}, + "description": "Convert a dash/dot/underscore/space separated string to camelCase: foo-bar → fooBar", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "533ad4cd7f8a1080ded31aba6c79b4bf437ff30c", + "tarball": "http://registry.npmjs.org/camelcase/-/camelcase-2.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "9b73ccb3f48ab86eccb136c155f0eb2e67f40dc3", + "homepage": "https://github.com/sindresorhus/camelcase#readme", + "keywords": [ + "camelcase", + "camel-case", + "camel", + "case", + "dash", + "hyphen", + "dot", + "underscore", + "separator", + "string", + "text", + "convert" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "camelcase", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/camelcase.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "2.1.0", + "readme": "# camelcase [![Build Status](https://travis-ci.org/sindresorhus/camelcase.svg?branch=master)](https://travis-ci.org/sindresorhus/camelcase)\n\n> Convert a dash/dot/underscore/space separated string to camelCase: `foo-bar` → `fooBar`\n\n\n## Install\n\n```\n$ npm install --save camelcase\n```\n\n\n## Usage\n\n```js\nconst camelCase = require('camelcase');\n\ncamelCase('foo-bar');\n//=> 'fooBar'\n\ncamelCase('foo_bar');\n//=> 'fooBar'\n\ncamelCase('Foo-Bar');\n//=> 'fooBar'\n\ncamelCase('--foo.bar');\n//=> 'fooBar'\n\ncamelCase('__foo__bar__');\n//=> 'fooBar'\n\ncamelCase('foo bar');\n//=> 'fooBar'\n\nconsole.log(process.argv[3]);\n//=> '--foo-bar'\ncamelCase(process.argv[3]);\n//=> 'fooBar'\n\ncamelCase('foo', 'bar');\n//=> 'fooBar'\n\ncamelCase('__foo__', '--bar');\n//=> 'fooBar'\n```\n\n\n## Related\n\n- [decamelize](https://github.com/sindresorhus/decamelize) - The inverse of this module\n- [uppercamelcase](https://github.com/SamVerschueren/uppercamelcase) - Like this module, but to PascalCase instead of camelCase\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "error": "[Circular]", + "extraneous": false + }, + "cliui": { + "_args": [ + [ + "cliui@^3.0.3", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "cliui@3.1.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "cliui@>=3.0.3 <4.0.0", + "_id": "cliui@3.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/cliui", + "_nodeVersion": "0.10.36", + "_npmUser": { + "email": "ben@npmjs.com", + "name": "bcoe" + }, + "_npmVersion": "2.7.5", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "cliui@3.1.0", + "name": "cliui", + "escapedName": "cliui", + "rawSpec": "3.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "3.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/cliui/-/cliui-3.1.0.tgz", + "_shasum": "a3b880308e0a8191721e0081a8c2a8b506d0abf9", + "_shrinkwrap": "[Circular]", + "_spec": "3.1.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Ben Coe", + "email": "ben@npmjs.com" + }, + "bugs": { + "url": "https://github.com/bcoe/cliui/issues" + }, + "config": { + "blanket": { + "data-cover-never": [ + "node_modules", + "test" + ], + "output-reporter": "spec", + "pattern": [ + "index.js" + ] + } + }, + "dependencies": { + "string-width": { + "_args": [ + [ + "string-width@^1.0.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "string-width@1.0.1", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "string-width@>=1.0.1 <2.0.0", + "_id": "string-width@1.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/string-width", + "_nodeVersion": "0.12.5", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "string-width@1.0.1", + "name": "string-width", + "escapedName": "string-width", + "rawSpec": "1.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/cliui", + "/bundle-dependencies/wrap-ansi", + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz", + "_shasum": "c92129b6f1d7f52acf9af424a26e3864a05ceb0a", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.1", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/string-width/issues" + }, + "dependencies": {}, + "description": "Get the visual width of a string - the number of columns required to display it", + "devDependencies": { + "ava": "0.0.4" + }, + "directories": {}, + "dist": { + "shasum": "c92129b6f1d7f52acf9af424a26e3864a05ceb0a", + "tarball": "http://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "f279cfd14835f0a3c8df69ba18e9a3960156e135", + "homepage": "https://github.com/sindresorhus/string-width", + "keywords": [ + "string", + "str", + "character", + "char", + "unicode", + "width", + "visual", + "column", + "columns", + "fullwidth", + "full-width", + "full", + "ansi", + "escape", + "codes", + "cli", + "command-line", + "terminal", + "console", + "cjk", + "chinese", + "japanese", + "korean", + "fixed-width" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "string-width", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/string-width.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.1", + "readme": "# string-width [![Build Status](https://travis-ci.org/sindresorhus/string-width.svg?branch=master)](https://travis-ci.org/sindresorhus/string-width)\n\n> Get the visual width of a string - the number of columns required to display it\n\nSome Unicode characters are [fullwidth](https://en.wikipedia.org/wiki/Halfwidth_and_fullwidth_forms) and use double the normal width.\n\nUseful to be able to measure the actual width of command-line output.\n\n\n## Install\n\n```\n$ npm install --save string-width\n```\n\n\n## Usage\n\n```js\nvar stringWidth = require('string-width');\n\nstringWidth('古');\n//=> 2\n\nstringWidth('\\u001b[1m古\\u001b[22m');\n//=> 2\n\nstringWidth('a');\n//=> 1\n```\n\n\n## Related\n\n- [string-width-cli](https://github.com/sindresorhus/string-width-cli) - CLI for this module\n- [string-length](https://github.com/sindresorhus/string-length) - Get the real length of a string\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/string-width" + }, + "strip-ansi": { + "_args": [ + [ + "strip-ansi@^3.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/cliui" + ], + [ + "strip-ansi@3.0.1", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "strip-ansi@>=3.0.0 <4.0.0", + "_id": "strip-ansi@3.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/strip-ansi", + "_nodeVersion": "0.12.7", + "_npmOperationalInternal": { + "host": "packages-9-west.internal.npmjs.com", + "tmp": "tmp/strip-ansi-3.0.1.tgz_1456057278183_0.28958667791448534" + }, + "_npmUser": { + "email": "jappelman@xebia.com", + "name": "jbnicolai" + }, + "_npmVersion": "2.11.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "strip-ansi@3.0.1", + "name": "strip-ansi", + "escapedName": "strip-ansi", + "rawSpec": "3.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "3.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/cliui", + "/bundle-dependencies/string-width" + ], + "_resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "_shasum": "6a385fb8853d952d5ff05d0e8aaf94278dc63dcf", + "_shrinkwrap": "[Circular]", + "_spec": "3.0.1", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/chalk/strip-ansi/issues" + }, + "dependencies": { + "ansi-regex": { + "_args": [ + [ + "ansi-regex@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/strip-ansi" + ], + [ + "ansi-regex@2.0.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "ansi-regex@>=2.0.0 <3.0.0", + "_id": "ansi-regex@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/ansi-regex", + "_nodeVersion": "0.12.5", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "ansi-regex@2.0.0", + "name": "ansi-regex", + "escapedName": "ansi-regex", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/strip-ansi" + ], + "_resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.0.0.tgz", + "_shasum": "c5061b6e0ef8a81775e50f5d66151bf6bf371107", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/ansi-regex/issues" + }, + "dependencies": {}, + "description": "Regular expression for matching ANSI escape codes", + "devDependencies": { + "mocha": "*" + }, + "directories": {}, + "dist": { + "shasum": "c5061b6e0ef8a81775e50f5d66151bf6bf371107", + "tarball": "http://registry.npmjs.org/ansi-regex/-/ansi-regex-2.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "57c3f2941a73079fa8b081e02a522e3d29913e2f", + "homepage": "https://github.com/sindresorhus/ansi-regex", + "keywords": [ + "ansi", + "styles", + "color", + "colour", + "colors", + "terminal", + "console", + "cli", + "string", + "tty", + "escape", + "formatting", + "rgb", + "256", + "shell", + "xterm", + "command-line", + "text", + "regex", + "regexp", + "re", + "match", + "test", + "find", + "pattern" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + }, + { + "name": "jbnicolai", + "email": "jappelman@xebia.com" + } + ], + "name": "ansi-regex", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/ansi-regex.git" + }, + "scripts": { + "test": "mocha test/test.js", + "view-supported": "node test/viewCodes.js" + }, + "version": "2.0.0", + "readme": "# ansi-regex [![Build Status](https://travis-ci.org/sindresorhus/ansi-regex.svg?branch=master)](https://travis-ci.org/sindresorhus/ansi-regex)\n\n> Regular expression for matching [ANSI escape codes](http://en.wikipedia.org/wiki/ANSI_escape_code)\n\n\n## Install\n\n```\n$ npm install --save ansi-regex\n```\n\n\n## Usage\n\n```js\nvar ansiRegex = require('ansi-regex');\n\nansiRegex().test('\\u001b[4mcake\\u001b[0m');\n//=> true\n\nansiRegex().test('cake');\n//=> false\n\n'\\u001b[4mcake\\u001b[0m'.match(ansiRegex());\n//=> ['\\u001b[4m', '\\u001b[0m']\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/ansi-regex", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Strip ANSI escape codes", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "6a385fb8853d952d5ff05d0e8aaf94278dc63dcf", + "tarball": "http://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "8270705c704956da865623e564eba4875c3ea17f", + "homepage": "https://github.com/chalk/strip-ansi", + "keywords": [ + "strip", + "trim", + "remove", + "ansi", + "styles", + "color", + "colour", + "colors", + "terminal", + "console", + "string", + "tty", + "escape", + "formatting", + "rgb", + "256", + "shell", + "xterm", + "log", + "logging", + "command-line", + "text" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + }, + { + "name": "jbnicolai", + "email": "jappelman@xebia.com" + } + ], + "name": "strip-ansi", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/chalk/strip-ansi.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "3.0.1", + "readme": "# strip-ansi [![Build Status](https://travis-ci.org/chalk/strip-ansi.svg?branch=master)](https://travis-ci.org/chalk/strip-ansi)\n\n> Strip [ANSI escape codes](http://en.wikipedia.org/wiki/ANSI_escape_code)\n\n\n## Install\n\n```\n$ npm install --save strip-ansi\n```\n\n\n## Usage\n\n```js\nvar stripAnsi = require('strip-ansi');\n\nstripAnsi('\\u001b[4mcake\\u001b[0m');\n//=> 'cake'\n```\n\n\n## Related\n\n- [strip-ansi-cli](https://github.com/chalk/strip-ansi-cli) - CLI for this module\n- [has-ansi](https://github.com/chalk/has-ansi) - Check if a string has ANSI escape codes\n- [ansi-regex](https://github.com/chalk/ansi-regex) - Regular expression for matching ANSI escape codes\n- [chalk](https://github.com/chalk/chalk) - Terminal string styling done right\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "error": "[Circular]", + "extraneous": false + }, + "wrap-ansi": { + "_args": [ + [ + "wrap-ansi@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/cliui" + ], + [ + "wrap-ansi@1.0.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "wrap-ansi@>=1.0.0 <2.0.0", + "_id": "wrap-ansi@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/wrap-ansi", + "_nodeVersion": "1.1.0", + "_npmUser": { + "email": "bencoe@gmail.com", + "name": "bcoe" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "wrap-ansi@1.0.0", + "name": "wrap-ansi", + "escapedName": "wrap-ansi", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/cliui" + ], + "_resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-1.0.0.tgz", + "_shasum": "f573bb9ee23cf43891f3362f5f359a1dfa38fc34", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/chalk/wrap-ansi/issues" + }, + "dependencies": { + "string-width": { + "_args": "[Circular]", + "_from": "string-width@>=1.0.1 <2.0.0", + "_id": "string-width@1.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/string-width", + "_nodeVersion": "0.12.5", + "_npmUser": "[Circular]", + "_npmVersion": "2.11.2", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "string-width@1.0.1", + "name": "string-width", + "escapedName": "string-width", + "rawSpec": "1.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.1" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz", + "_shasum": "c92129b6f1d7f52acf9af424a26e3864a05ceb0a", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.1", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Get the visual width of a string - the number of columns required to display it", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "f279cfd14835f0a3c8df69ba18e9a3960156e135", + "homepage": "https://github.com/sindresorhus/string-width", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "string-width", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.0.1", + "readme": "# string-width [![Build Status](https://travis-ci.org/sindresorhus/string-width.svg?branch=master)](https://travis-ci.org/sindresorhus/string-width)\n\n> Get the visual width of a string - the number of columns required to display it\n\nSome Unicode characters are [fullwidth](https://en.wikipedia.org/wiki/Halfwidth_and_fullwidth_forms) and use double the normal width.\n\nUseful to be able to measure the actual width of command-line output.\n\n\n## Install\n\n```\n$ npm install --save string-width\n```\n\n\n## Usage\n\n```js\nvar stringWidth = require('string-width');\n\nstringWidth('古');\n//=> 2\n\nstringWidth('\\u001b[1m古\\u001b[22m');\n//=> 2\n\nstringWidth('a');\n//=> 1\n```\n\n\n## Related\n\n- [string-width-cli](https://github.com/sindresorhus/string-width-cli) - CLI for this module\n- [string-length](https://github.com/sindresorhus/string-length) - Get the real length of a string\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/string-width" + } + }, + "description": "Wordwrap a string with ANSI escape codes", + "devDependencies": { + "ava": "0.0.4", + "chalk": "^1.1.0", + "coveralls": "^2.11.4", + "has-ansi": "^2.0.0", + "nyc": "^3.2.2", + "strip-ansi": "^3.0.0", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "f573bb9ee23cf43891f3362f5f359a1dfa38fc34", + "tarball": "http://registry.npmjs.org/wrap-ansi/-/wrap-ansi-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "c890e95ea671779012fa73fd77b74198e8c5d09b", + "homepage": "https://github.com/chalk/wrap-ansi#readme", + "keywords": [ + "wrap", + "break", + "wordwrap", + "wordbreak", + "linewrap", + "ansi", + "styles", + "color", + "colour", + "colors", + "terminal", + "console", + "cli", + "string", + "tty", + "escape", + "formatting", + "rgb", + "256", + "shell", + "xterm", + "log", + "logging", + "command-line", + "text" + ], + "license": "MIT", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + }, + { + "name": "jbnicolai", + "email": "jappelman@xebia.com" + }, + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "wrap-ansi", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/chalk/wrap-ansi.git" + }, + "scripts": { + "coverage": "nyc --reporter=text-lcov node test.js | coveralls", + "test": "xo && nyc node test.js" + }, + "version": "1.0.0", + "readme": "# wrap-ansi [![Build Status](https://travis-ci.org/chalk/wrap-ansi.svg?branch=master)](https://travis-ci.org/chalk/wrap-ansi) [![Coverage Status](https://coveralls.io/repos/chalk/wrap-ansi/badge.svg?branch=master&service=github)](https://coveralls.io/github/chalk/wrap-ansi?branch=master)\n\n> Wordwrap a string with [ANSI escape codes](http://en.wikipedia.org/wiki/ANSI_escape_code#Colors_and_Styles)\n\n\n## Install\n\n```\n$ npm install --save wrap-ansi\n```\n\n\n## Usage\n\n```js\nconst chalk = require('chalk');\nconst wrapAnsi = require('wrap-ansi');\n\nconst input = 'The quick brown ' + chalk.red('fox jumped over ') +\n\t'the lazy ' + chalk.green('dog and then ran away with the unicorn.');\n\nconsole.log(wrapAnsi(input, 20));\n```\n\n\n\n\n## API\n\n### wrapAnsi(input, columns, [options])\n\nWrap words to the specified column width.\n\n#### input\n\nType: `string`\n\nString with ANSI escape codes. Like one styled by [`chalk`](https://github.com/chalk/chalk).\n\n#### columns\n\nType: `number`\n\nNumber of columns to wrap the text to.\n\n#### options.hard\n\nType: `boolean` \nDefault: `false`\n\nBy default the wrap is soft, meaning long words may extend past the column width. Setting this to `true` will make it hard wrap at the column width.\n\n\n## Related\n\n- [slice-ansi](https://github.com/chalk/slice-ansi) - Slice a string with ANSI escape codes\n- [chalk](https://github.com/chalk/chalk) - Terminal string styling done right\n- [jsesc](https://github.com/mathiasbynens/jsesc) - Generate ASCII-only output from Unicode strings. Useful for creating test fixtures.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "string-width": "^1.0.1" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/wrap-ansi", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "easily create complex multi-column command-line-interfaces", + "devDependencies": { + "chai": "^3.3.0", + "chalk": "^1.1.1", + "coveralls": "^2.11.4", + "mocha": "^2.3.3", + "nyc": "^3.2.2", + "standard": "^5.3.1" + }, + "directories": {}, + "dist": { + "shasum": "a3b880308e0a8191721e0081a8c2a8b506d0abf9", + "tarball": "http://registry.npmjs.org/cliui/-/cliui-3.1.0.tgz" + }, + "gitHead": "c8eb1b4aa6d2efdb5bc4903fb1fa6e9f7f066a72", + "homepage": "https://github.com/bcoe/cliui", + "keywords": [ + "cli", + "command-line", + "layout", + "design", + "console", + "wrap", + "table" + ], + "license": "ISC", + "main": "index.js", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + } + ], + "name": "cliui", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+ssh://git@github.com/bcoe/cliui.git" + }, + "scripts": { + "coverage": "nyc --reporter=text-lcov mocha | coveralls", + "test": "standard && nyc mocha" + }, + "standard": { + "globals": [ + "it" + ], + "ignore": [ + "**/example/**" + ] + }, + "version": "3.1.0", + "readme": "# cliui\n\n[![Build Status](https://travis-ci.org/bcoe/cliui.png)](https://travis-ci.org/bcoe/cliui)\n[![Coverage Status](https://coveralls.io/repos/bcoe/cliui/badge.svg?branch=)](https://coveralls.io/r/bcoe/cliui?branch=)\n[![NPM version](https://img.shields.io/npm/v/cliui.svg)](https://www.npmjs.com/package/cliui)\n\neasily create complex multi-column command-line-interfaces.\n\n## Example\n\n```js\nvar ui = require('cliui')({\n width: 80\n})\n\nui.div('Usage: $0 [command] [options]')\n\nui.div({\n text: 'Options:',\n padding: [2, 0, 2, 0]\n})\n\nui.div(\n {\n text: \"-f, --file\",\n width: 20,\n padding: [0, 4, 0, 4]\n },\n {\n text: \"the file to load.\" +\n chalk.green(\"(if this description is long it wraps).\")\n ,\n width: 20\n },\n {\n text: chalk.red(\"[required]\"),\n align: 'right'\n }\n)\n\nconsole.log(ui.toString())\n```\n\n\n\n## Layout DSL\n\ncliui exposes a simple layout DSL:\n\nIf you create a single `ui.row`, passing a string rather than an\nobject:\n\n* `\\n`: characters will be interpreted as new rows.\n* `\\t`: characters will be interpreted as new columns.\n* `\\s`: characters will be interpreted as padding.\n\n**as an example...**\n\n```js\nvar ui = require('./')({\n width: 60\n})\n\nui.div(\n 'Usage: node ./bin/foo.js\\n' +\n ' \\t provide a regex\\n' +\n ' \\t provide a glob\\t [required]'\n)\n\nconsole.log(ui.toString())\n```\n\n**will output:**\n\n```shell\nUsage: node ./bin/foo.js\n provide a regex\n provide a glob [required]\n```\n\n## Methods\n\n```js\ncliui = require('cliui')\n```\n\n### cliui({width: integer})\n\nSpecify the maximum width of the UI being generated.\n\n### cliui({wrap: boolean})\n\nEnable or disable the wrapping of text in a column.\n\n### cliui.div(column, column, column)\n\nCreate a row with any number of columns, a column\ncan either be a string, or an object with the following\noptions:\n\n* **width:** the width of a column.\n* **align:** alignment, `right` or `center`.\n* **padding:** `[top, right, bottom, left]`.\n* **border:** should a border be placed around the div?\n\n### cliui.span(column, column, column)\n\nSimilar to `div`, except the next row will be appended without\na new line being created.\n", + "readmeFilename": "README.md", + "_dependencies": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/cliui", + "error": "[Circular]", + "extraneous": false + }, + "decamelize": { + "_args": [ + [ + "decamelize@^1.1.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "decamelize@1.1.2", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "decamelize@>=1.1.1 <2.0.0", + "_id": "decamelize@1.1.2", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/decamelize", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "decamelize@1.1.2", + "name": "decamelize", + "escapedName": "decamelize", + "rawSpec": "1.1.2", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.2" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.1.2.tgz", + "_shasum": "dcc93727be209632e98b02718ef4cb79602322f2", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.2", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/decamelize/issues" + }, + "dependencies": { + "escape-string-regexp": { + "_args": [ + [ + "escape-string-regexp@^1.0.4", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/decamelize" + ], + [ + "escape-string-regexp@1.0.5", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "escape-string-regexp@>=1.0.4 <2.0.0", + "_id": "escape-string-regexp@1.0.5", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/escape-string-regexp", + "_nodeVersion": "4.2.6", + "_npmOperationalInternal": { + "host": "packages-9-west.internal.npmjs.com", + "tmp": "tmp/escape-string-regexp-1.0.5.tgz_1456059312074_0.7245344955008477" + }, + "_npmUser": { + "email": "jappelman@xebia.com", + "name": "jbnicolai" + }, + "_npmVersion": "2.14.12", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "escape-string-regexp@1.0.5", + "name": "escape-string-regexp", + "escapedName": "escape-string-regexp", + "rawSpec": "1.0.5", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.5" + }, + "_requiredBy": [ + "/bundle-dependencies/decamelize" + ], + "_resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "_shasum": "1b61c0562190a8dff6ae3bb2cf0200ca130b86d4", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.5", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues" + }, + "dependencies": {}, + "description": "Escape RegExp special characters", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "1b61c0562190a8dff6ae3bb2cf0200ca130b86d4", + "tarball": "http://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz" + }, + "engines": { + "node": ">=0.8.0" + }, + "files": [ + "index.js" + ], + "gitHead": "db124a3e1aae9d692c4899e42a5c6c3e329eaa20", + "homepage": "https://github.com/sindresorhus/escape-string-regexp", + "keywords": [ + "escape", + "regex", + "regexp", + "re", + "regular", + "expression", + "string", + "str", + "special", + "characters" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + }, + { + "name": "jbnicolai", + "email": "jappelman@xebia.com" + } + ], + "name": "escape-string-regexp", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.0.5", + "readme": "# escape-string-regexp [![Build Status](https://travis-ci.org/sindresorhus/escape-string-regexp.svg?branch=master)](https://travis-ci.org/sindresorhus/escape-string-regexp)\n\n> Escape RegExp special characters\n\n\n## Install\n\n```\n$ npm install --save escape-string-regexp\n```\n\n\n## Usage\n\n```js\nconst escapeStringRegexp = require('escape-string-regexp');\n\nconst escapedString = escapeStringRegexp('how much $ for a unicorn?');\n//=> 'how much \\$ for a unicorn\\?'\n\nnew RegExp(escapedString);\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/escape-string-regexp", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Convert a camelized string into a lowercased one with a custom separator: unicornRainbow → unicorn_rainbow", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "dcc93727be209632e98b02718ef4cb79602322f2", + "tarball": "http://registry.npmjs.org/decamelize/-/decamelize-1.1.2.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "82c87d3382126375ab0c3b7f5438bfd5eccb18c3", + "homepage": "https://github.com/sindresorhus/decamelize", + "keywords": [ + "decamelize", + "decamelcase", + "camelcase", + "lowercase", + "case", + "dash", + "hyphen", + "string", + "str", + "text", + "convert" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "decamelize", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/decamelize.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.2", + "readme": "# decamelize [![Build Status](https://travis-ci.org/sindresorhus/decamelize.svg?branch=master)](https://travis-ci.org/sindresorhus/decamelize)\n\n> Convert a camelized string into a lowercased one with a custom separator \n> Example: `unicornRainbow` → `unicorn_rainbow`\n\n\n## Install\n\n```\n$ npm install --save decamelize\n```\n\n\n## Usage\n\n```js\nconst decamelize = require('decamelize');\n\ndecamelize('unicornRainbow');\n//=> 'unicorn_rainbow'\n\ndecamelize('unicornRainbow', '-');\n//=> 'unicorn-rainbow'\n```\n\n\n## API\n\n### decamelize(input, [separator])\n\n#### input\n\nType: `string`\n\n#### separator\n\nType: `string` \nDefault: `_`\n\n\n## Related\n\nSee [`camelcase`](https://github.com/sindresorhus/camelcase) for the inverse.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "escape-string-regexp": "^1.0.4" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/decamelize", + "error": "[Circular]", + "extraneous": false + }, + "os-locale": { + "_args": [ + [ + "os-locale@^1.4.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "os-locale@1.4.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "os-locale@>=1.4.0 <2.0.0", + "_id": "os-locale@1.4.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/os-locale", + "_nodeVersion": "3.0.0", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.13.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "os-locale@1.4.0", + "name": "os-locale", + "escapedName": "os-locale", + "rawSpec": "1.4.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.4.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/os-locale/-/os-locale-1.4.0.tgz", + "_shasum": "20f9f17ae29ed345e8bde583b13d2009803c14d9", + "_shrinkwrap": "[Circular]", + "_spec": "1.4.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/os-locale/issues" + }, + "dependencies": { + "lcid": { + "_args": [ + [ + "lcid@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/os-locale" + ], + [ + "lcid@1.0.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "lcid@>=1.0.0 <2.0.0", + "_id": "lcid@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/lcid", + "_nodeVersion": "0.12.0", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.5.1", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "lcid@1.0.0", + "name": "lcid", + "escapedName": "lcid", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/os-locale" + ], + "_resolved": "https://registry.npmjs.org/lcid/-/lcid-1.0.0.tgz", + "_shasum": "308accafa0bc483a3867b4b6f2b9506251d1b835", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/lcid/issues" + }, + "dependencies": { + "invert-kv": { + "_args": [ + [ + "invert-kv@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/lcid" + ], + [ + "invert-kv@1.0.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "invert-kv@>=1.0.0 <2.0.0", + "_id": "invert-kv@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/invert-kv", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "1.4.21", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "invert-kv@1.0.0", + "name": "invert-kv", + "escapedName": "invert-kv", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/lcid" + ], + "_resolved": "https://registry.npmjs.org/invert-kv/-/invert-kv-1.0.0.tgz", + "_shasum": "104a8e4aaca6d3d8cd157a8ef8bfab2d7a3ffdb6", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "http://sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/invert-kv/issues" + }, + "dependencies": {}, + "description": "Invert the key/value of an object. Example: {foo: 'bar'} → {bar: 'foo'}", + "devDependencies": { + "mocha": "*" + }, + "directories": {}, + "dist": { + "shasum": "104a8e4aaca6d3d8cd157a8ef8bfab2d7a3ffdb6", + "tarball": "http://registry.npmjs.org/invert-kv/-/invert-kv-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "c28c3a15abcde3f67bd90f90f8ffe54a5f8cb04e", + "homepage": "https://github.com/sindresorhus/invert-kv", + "keywords": [ + "object", + "obj", + "key", + "value", + "val", + "kv", + "invert" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "invert-kv", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/invert-kv.git" + }, + "scripts": { + "test": "mocha" + }, + "version": "1.0.0", + "readme": "# invert-kv [![Build Status](https://travis-ci.org/sindresorhus/invert-kv.svg?branch=master)](https://travis-ci.org/sindresorhus/invert-kv)\n\n> Invert the key/value of an object. Example: `{foo: 'bar'}` → `{bar: 'foo'}`\n\n\n## Install\n\n```sh\n$ npm install --save invert-kv\n```\n\n\n## Usage\n\n```js\nvar invertKv = require('invert-kv');\n\ninvertKv({foo: 'bar', unicorn: 'rainbow'});\n//=> {bar: 'foo', rainbow: 'unicorn'}\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/invert-kv", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Mapping between standard locale identifiers and Windows locale identifiers (LCID)", + "devDependencies": { + "ava": "0.0.4" + }, + "directories": {}, + "dist": { + "shasum": "308accafa0bc483a3867b4b6f2b9506251d1b835", + "tarball": "http://registry.npmjs.org/lcid/-/lcid-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js", + "lcid.json" + ], + "gitHead": "96bb3e617f77f5f8ceb78653c77de5a85abb3b1e", + "homepage": "https://github.com/sindresorhus/lcid", + "keywords": [ + "lcid", + "locale", + "string", + "str", + "id", + "identifier", + "windows", + "language", + "lang", + "map", + "mapping", + "convert", + "json", + "bcp47", + "ietf", + "tag" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "lcid", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/lcid.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.0", + "readme": "# lcid [![Build Status](https://travis-ci.org/sindresorhus/lcid.svg?branch=master)](https://travis-ci.org/sindresorhus/lcid)\n\n> Mapping between [standard locale identifiers](http://en.wikipedia.org/wiki/Locale) and [Windows locale identifiers (LCID)](http://en.wikipedia.org/wiki/Locale#Specifics_for_Microsoft_platforms)\n\nBased on the [mapping](https://github.com/python/cpython/blob/be2a1a76fa43bb1ea1b3577bb5bdd506a2e90e37/Lib/locale.py#L1395-L1604) used in the Python standard library.\n\nThe mapping itself is just a [JSON file](lcid.json) and can be used wherever.\n\n\n## Install\n\n```\n$ npm install --save lcid\n```\n\n\n## Usage\n\n```js\nvar lcid = require('lcid');\n\nlcid.from(1044);\n//=> 'nb_NO'\n\nlcid.to('nb_NO');\n//=> 1044\n\nlcid.all;\n//=> {'af_ZA': 1078, ...}\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "invert-kv": "^1.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lcid", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Get the system locale", + "devDependencies": { + "ava": "*", + "require-uncached": "^1.0.2", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "20f9f17ae29ed345e8bde583b13d2009803c14d9", + "tarball": "http://registry.npmjs.org/os-locale/-/os-locale-1.4.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "b5c88233910b2e959fe84d841addb7a15e1cc813", + "homepage": "https://github.com/sindresorhus/os-locale", + "keywords": [ + "locale", + "lang", + "language", + "system", + "os", + "string", + "str", + "user", + "country", + "id", + "identifier", + "region" + ], + "license": "MIT", + "maintainers": [ + { + "name": "abg", + "email": "andrewbgoode@gmail.com" + }, + { + "name": "bcoe", + "email": "ben@npmjs.com" + }, + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "os-locale", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/os-locale.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.4.0", + "readme": "# os-locale [![Build Status](https://travis-ci.org/sindresorhus/os-locale.svg?branch=master)](https://travis-ci.org/sindresorhus/os-locale)\n\n> Get the system [locale](http://en.wikipedia.org/wiki/Locale)\n\nUseful for localizing your module or app.\n\nPOSIX systems: The returned locale refers to the [`LC_MESSAGE`](http://www.gnu.org/software/libc/manual/html_node/Locale-Categories.html#Locale-Categories) category, suitable for selecting the language used in the user interface for message translation.\n\n\n## Install\n\n```\n$ npm install --save os-locale\n```\n\n\n## Usage\n\n```js\nvar osLocale = require('os-locale');\n\nosLocale(function (err, locale) {\n\tconsole.log(locale);\n\t//=> 'en_US'\n});\n```\n\n\n## API\n\n### osLocale([options], callback(error, locale))\n\n### osLocale.sync([options])\n\nReturns the locale.\n\n#### options.spawn\n\nType: `boolean` \nDefault: `true`\n\nSet to `false` to avoid spawning subprocesses and instead only resolve the locale from environment variables.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "lcid": "^1.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/os-locale", + "error": "[Circular]", + "extraneous": false + }, + "pkg-conf": { + "_args": [ + [ + "pkg-conf@^1.1.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "pkg-conf@1.1.1", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "pkg-conf@>=1.1.1 <2.0.0", + "_id": "pkg-conf@1.1.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pkg-conf", + "_nodeVersion": "4.2.4", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "3.6.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "pkg-conf@1.1.1", + "name": "pkg-conf", + "escapedName": "pkg-conf", + "rawSpec": "1.1.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.1" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/pkg-conf/-/pkg-conf-1.1.1.tgz", + "_shasum": "a3caee3fb9c23ab4abad3baaea02f0001c75f200", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.1", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/pkg-conf/issues" + }, + "dependencies": { + "find-up": { + "_args": [ + [ + "find-up@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/pkg-conf" + ], + [ + "find-up@1.1.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "find-up@>=1.0.0 <2.0.0", + "_id": "find-up@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/find-up", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "find-up@1.1.0", + "name": "find-up", + "escapedName": "find-up", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/pkg-conf", + "/bundle-dependencies/read-pkg-up" + ], + "_resolved": "https://registry.npmjs.org/find-up/-/find-up-1.1.0.tgz", + "_shasum": "a63b0eec4625a2902534898a5f9eec8aaed046e9", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/find-up/issues" + }, + "dependencies": { + "path-exists": { + "_args": [ + [ + "path-exists@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/find-up" + ], + [ + "path-exists@2.1.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "path-exists@>=2.0.0 <3.0.0", + "_id": "path-exists@2.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/path-exists", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "path-exists@2.1.0", + "name": "path-exists", + "escapedName": "path-exists", + "rawSpec": "2.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/find-up" + ], + "_resolved": "https://registry.npmjs.org/path-exists/-/path-exists-2.1.0.tgz", + "_shasum": "0feb6c64f0fc518d9a754dd5efb62c7022761f4b", + "_shrinkwrap": "[Circular]", + "_spec": "2.1.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/path-exists/issues" + }, + "dependencies": { + "pinkie-promise": { + "_args": [ + [ + "pinkie-promise@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/find-up" + ], + [ + "pinkie-promise@2.0.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "pinkie-promise@>=2.0.0 <3.0.0", + "_id": "pinkie-promise@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pinkie-promise", + "_nodeVersion": "4.2.0", + "_npmUser": { + "email": "floatdrop@gmail.com", + "name": "floatdrop" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "pinkie-promise@2.0.0", + "name": "pinkie-promise", + "escapedName": "pinkie-promise", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/find-up", + "/bundle-dependencies/load-json-file", + "/bundle-dependencies/path-exists", + "/bundle-dependencies/path-type" + ], + "_resolved": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "_shasum": "4c83538de1f6e660c29e0a13446844f7a7e88259", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Vsevolod Strukchinsky", + "email": "floatdrop@gmail.com", + "url": "github.com/floatdrop" + }, + "bugs": { + "url": "https://github.com/floatdrop/pinkie-promise/issues" + }, + "dependencies": {}, + "description": "ES2015 Promise ponyfill", + "devDependencies": { + "mocha": "*" + }, + "directories": {}, + "dist": { + "shasum": "4c83538de1f6e660c29e0a13446844f7a7e88259", + "tarball": "http://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "f90fcae9838bcae7ae1ae4ebc9b29f11e5db4980", + "homepage": "https://github.com/floatdrop/pinkie-promise", + "keywords": [ + "promise", + "promises", + "es2015", + "es6", + "polyfill", + "ponyfill" + ], + "license": "MIT", + "maintainers": [ + { + "name": "floatdrop", + "email": "floatdrop@gmail.com" + } + ], + "name": "pinkie-promise", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/floatdrop/pinkie-promise.git" + }, + "scripts": { + "test": "mocha" + }, + "version": "2.0.0", + "readme": "# pinkie-promise [![Build Status](https://travis-ci.org/floatdrop/pinkie-promise.svg?branch=master)](https://travis-ci.org/floatdrop/pinkie-promise)\n\n> [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) ponyfill\n\nModule exports global Promise object (if available) or [`pinkie`](http://github.com/floatdrop/pinkie) Promise polyfill.\n\n## Install\n\n```\n$ npm install --save pinkie-promise\n```\n\n## Usage\n\n```js\nvar Promise = require('pinkie-promise');\n\nnew Promise(function (resolve) { resolve('unicorns'); });\n//=> Promise { 'unicorns' }\n```\n\n## Related\n\n- [pify](https://github.com/sindresorhus/pify) - Promisify a callback-style function\n\n## License\n\nMIT © [Vsevolod Strukchinsky](http://github.com/floatdrop)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/pinkie-promise" + } + }, + "description": "Check if a path exists", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "0feb6c64f0fc518d9a754dd5efb62c7022761f4b", + "tarball": "http://registry.npmjs.org/path-exists/-/path-exists-2.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "3af423661e78466764f87c5712263c5d7a1ce5b7", + "homepage": "https://github.com/sindresorhus/path-exists", + "keywords": [ + "path", + "exists", + "exist", + "file", + "filepath", + "fs", + "filesystem", + "file-system", + "access", + "stat" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "path-exists", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/path-exists.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "2.1.0", + "readme": "# path-exists [![Build Status](https://travis-ci.org/sindresorhus/path-exists.svg?branch=master)](https://travis-ci.org/sindresorhus/path-exists)\n\n> Check if a path exists\n\nBecause [`fs.exists()`](https://nodejs.org/api/fs.html#fs_fs_exists_path_callback) is being [deprecated](https://github.com/iojs/io.js/issues/103), but there's still a genuine use-case of being able to check if a path exists for other purposes than doing IO with it.\n\nNever use this before handling a file though:\n\n> In particular, checking if a file exists before opening it is an anti-pattern that leaves you vulnerable to race conditions: another process may remove the file between the calls to `fs.exists()` and `fs.open()`. Just open the file and handle the error when it's not there.\n\n\n## Install\n\n```\n$ npm install --save path-exists\n```\n\n\n## Usage\n\n```js\n// foo.js\nvar pathExists = require('path-exists');\n\npathExists('foo.js').then(function (exists) {\n\tconsole.log(exists);\n\t//=> true\n});\n```\n\n\n## API\n\n### pathExists(path)\n\nReturns a promise that resolves to a boolean of whether the path exists.\n\n### pathExists.sync(path)\n\nReturns a boolean of whether the path exists.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "pinkie-promise": "^2.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-exists", + "error": "[Circular]", + "extraneous": false + }, + "pinkie-promise": { + "_args": "[Circular]", + "_from": "pinkie-promise@>=2.0.0 <3.0.0", + "_id": "pinkie-promise@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pinkie-promise", + "_nodeVersion": "4.2.0", + "_npmUser": "[Circular]", + "_npmVersion": "2.14.7", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "pinkie-promise@2.0.0", + "name": "pinkie-promise", + "escapedName": "pinkie-promise", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "_shasum": "4c83538de1f6e660c29e0a13446844f7a7e88259", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": { + "pinkie": { + "_args": [ + [ + "pinkie@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/pinkie-promise" + ], + [ + "pinkie@2.0.4", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "pinkie@>=2.0.0 <3.0.0", + "_id": "pinkie@2.0.4", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pinkie", + "_nodeVersion": "4.2.4", + "_npmUser": { + "email": "floatdrop@gmail.com", + "name": "floatdrop" + }, + "_npmVersion": "2.14.12", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "pinkie@2.0.4", + "name": "pinkie", + "escapedName": "pinkie", + "rawSpec": "2.0.4", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.4" + }, + "_requiredBy": [ + "/bundle-dependencies/pinkie-promise" + ], + "_resolved": "https://registry.npmjs.org/pinkie/-/pinkie-2.0.4.tgz", + "_shasum": "72556b80cfa0d48a974e80e77248e80ed4f7f870", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.4", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Vsevolod Strukchinsky", + "email": "floatdrop@gmail.com", + "url": "github.com/floatdrop" + }, + "bugs": { + "url": "https://github.com/floatdrop/pinkie/issues" + }, + "dependencies": {}, + "description": "Itty bitty little widdle twinkie pinkie ES2015 Promise implementation", + "devDependencies": { + "core-assert": "^0.1.1", + "coveralls": "^2.11.4", + "mocha": "*", + "nyc": "^3.2.2", + "promises-aplus-tests": "*", + "xo": "^0.10.1" + }, + "directories": {}, + "dist": { + "shasum": "72556b80cfa0d48a974e80e77248e80ed4f7f870", + "tarball": "http://registry.npmjs.org/pinkie/-/pinkie-2.0.4.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "8d4a92447a5c62bff9f89756caeb4c9c8770579b", + "homepage": "https://github.com/floatdrop/pinkie", + "keywords": [ + "promise", + "promises", + "es2015", + "es6" + ], + "license": "MIT", + "maintainers": [ + { + "name": "floatdrop", + "email": "floatdrop@gmail.com" + } + ], + "name": "pinkie", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/floatdrop/pinkie.git" + }, + "scripts": { + "coverage": "nyc report --reporter=text-lcov | coveralls", + "test": "xo && nyc mocha" + }, + "version": "2.0.4", + "readme": "

\n\t
\n\t\"pinkie\"\n\t
\n\t
\n

\n\n> Itty bitty little widdle twinkie pinkie [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) implementation\n\n[![Build Status](https://travis-ci.org/floatdrop/pinkie.svg?branch=master)](https://travis-ci.org/floatdrop/pinkie) [![Coverage Status](https://coveralls.io/repos/floatdrop/pinkie/badge.svg?branch=master&service=github)](https://coveralls.io/github/floatdrop/pinkie?branch=master)\n\nThere are [tons of Promise implementations](https://github.com/promises-aplus/promises-spec/blob/master/implementations.md#standalone) out there, but all of them focus on browser compatibility and are often bloated with functionality.\n\nThis module is an exact Promise specification polyfill (like [native-promise-only](https://github.com/getify/native-promise-only)), but in Node.js land (it should be browserify-able though).\n\n\n## Install\n\n```\n$ npm install --save pinkie\n```\n\n\n## Usage\n\n```js\nvar fs = require('fs');\nvar Promise = require('pinkie');\n\nnew Promise(function (resolve, reject) {\n\tfs.readFile('foo.json', 'utf8', function (err, data) {\n\t\tif (err) {\n\t\t\treject(err);\n\t\t\treturn;\n\t\t}\n\n\t\tresolve(data);\n\t});\n});\n//=> Promise\n```\n\n\n### API\n\n`pinkie` exports bare [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) implementation and polyfills [Node.js rejection events](https://nodejs.org/api/process.html#process_event_unhandledrejection). In case you forgot:\n\n#### new Promise(executor)\n\nReturns new instance of `Promise`.\n\n##### executor\n\n*Required* \nType: `function`\n\nFunction with two arguments `resolve` and `reject`. The first argument fulfills the promise, the second argument rejects it.\n\n#### pinkie.all(promises)\n\nReturns a promise that resolves when all of the promises in the `promises` Array argument have resolved.\n\n#### pinkie.race(promises)\n\nReturns a promise that resolves or rejects as soon as one of the promises in the `promises` Array resolves or rejects, with the value or reason from that promise.\n\n#### pinkie.reject(reason)\n\nReturns a Promise object that is rejected with the given `reason`.\n\n#### pinkie.resolve(value)\n\nReturns a Promise object that is resolved with the given `value`. If the `value` is a thenable (i.e. has a then method), the returned promise will \"follow\" that thenable, adopting its eventual state; otherwise the returned promise will be fulfilled with the `value`.\n\n\n## Related\n\n- [pinkie-promise](https://github.com/floatdrop/pinkie-promise) - Returns the native Promise or this module\n\n\n## License\n\nMIT © [Vsevolod Strukchinsky](http://github.com/floatdrop)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "ES2015 Promise ponyfill", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "f90fcae9838bcae7ae1ae4ebc9b29f11e5db4980", + "homepage": "https://github.com/floatdrop/pinkie-promise", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "pinkie-promise", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "2.0.0", + "readme": "# pinkie-promise [![Build Status](https://travis-ci.org/floatdrop/pinkie-promise.svg?branch=master)](https://travis-ci.org/floatdrop/pinkie-promise)\n\n> [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) ponyfill\n\nModule exports global Promise object (if available) or [`pinkie`](http://github.com/floatdrop/pinkie) Promise polyfill.\n\n## Install\n\n```\n$ npm install --save pinkie-promise\n```\n\n## Usage\n\n```js\nvar Promise = require('pinkie-promise');\n\nnew Promise(function (resolve) { resolve('unicorns'); });\n//=> Promise { 'unicorns' }\n```\n\n## Related\n\n- [pify](https://github.com/sindresorhus/pify) - Promisify a callback-style function\n\n## License\n\nMIT © [Vsevolod Strukchinsky](http://github.com/floatdrop)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Find a file by walking up parent directories", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "a63b0eec4625a2902534898a5f9eec8aaed046e9", + "tarball": "http://registry.npmjs.org/find-up/-/find-up-1.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "06e9dae73659ddf2421440ca4695161c38d7d2fb", + "homepage": "https://github.com/sindresorhus/find-up", + "keywords": [ + "find", + "up", + "find-up", + "findup", + "look-up", + "look", + "file", + "search", + "match", + "package", + "resolve", + "parent", + "parents", + "folder", + "directory", + "dir", + "walk", + "walking", + "path" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "find-up", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/find-up.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.0", + "readme": "# find-up [![Build Status](https://travis-ci.org/sindresorhus/find-up.svg?branch=master)](https://travis-ci.org/sindresorhus/find-up)\n\n> Find a file by walking up parent directories\n\n\n## Install\n\n```\n$ npm install --save find-up\n```\n\n\n## Usage\n\n```\n/\n└── Users\n └── sindresorhus\n ├── unicorn.png\n └── foo\n └── bar\n ├── baz\n └── example.js\n```\n\n```js\n// example.js\nvar findUp = require('find-up');\n\nfindUp('unicorn.png').then(function (filepath) {\n\tconsole.log(filepath);\n\t//=> '/Users/sindresorhus/unicorn.png'\n});\n```\n\n\n## API\n\n### findUp(filename, [options])\n\nReturns a promise that resolves to a filepath or `null`.\n\n### findUp.sync(filename, [options])\n\nReturns a filepath or `null`.\n\n#### filename\n\nType: `string`\n\nFilename of the file to find.\n\n#### options\n\n##### cwd\n\nType: `string` \nDefault: `process.cwd()`\n\nDirectory to start from.\n\n\n## Related\n\n- [find-up-cli](https://github.com/sindresorhus/find-up-cli) - CLI for this module\n- [pkg-up](https://github.com/sindresorhus/pkg-up) - Find the closest package.json file\n- [pkg-dir](https://github.com/sindresorhus/pkg-dir) - Find the root directory of a npm package\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "error": "[Circular]", + "extraneous": false + }, + "object-assign": { + "_args": [ + [ + "object-assign@^4.0.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/pkg-conf" + ], + [ + "object-assign@4.0.1", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "object-assign@>=4.0.1 <5.0.0", + "_id": "object-assign@4.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/object-assign", + "_nodeVersion": "3.0.0", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.13.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "object-assign@4.0.1", + "name": "object-assign", + "escapedName": "object-assign", + "rawSpec": "4.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "4.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/pkg-conf" + ], + "_resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.0.1.tgz", + "_shasum": "99504456c3598b5cad4fc59c26e8a9bb107fe0bd", + "_shrinkwrap": "[Circular]", + "_spec": "4.0.1", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "http://sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/object-assign/issues" + }, + "dependencies": {}, + "description": "ES6 Object.assign() ponyfill", + "devDependencies": { + "lodash": "^3.10.1", + "matcha": "^0.6.0", + "mocha": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "99504456c3598b5cad4fc59c26e8a9bb107fe0bd", + "tarball": "http://registry.npmjs.org/object-assign/-/object-assign-4.0.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "b0c40d37cbc43e89ad3326a9bad4c6b3133ba6d3", + "homepage": "https://github.com/sindresorhus/object-assign#readme", + "keywords": [ + "object", + "assign", + "extend", + "properties", + "es6", + "ecmascript", + "harmony", + "ponyfill", + "prollyfill", + "polyfill", + "shim", + "browser" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "object-assign", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/object-assign.git" + }, + "scripts": { + "bench": "matcha bench.js", + "test": "xo && mocha" + }, + "version": "4.0.1", + "xo": { + "envs": [ + "node", + "mocha" + ] + }, + "readme": "# object-assign [![Build Status](https://travis-ci.org/sindresorhus/object-assign.svg?branch=master)](https://travis-ci.org/sindresorhus/object-assign)\n\n> ES6 [`Object.assign()`](http://www.2ality.com/2014/01/object-assign.html) ponyfill\n\n> Ponyfill: A polyfill that doesn't overwrite the native method\n\n\n## Install\n\n```sh\n$ npm install --save object-assign\n```\n\n\n## Usage\n\n```js\nvar objectAssign = require('object-assign');\n\nobjectAssign({foo: 0}, {bar: 1});\n//=> {foo: 0, bar: 1}\n\n// multiple sources\nobjectAssign({foo: 0}, {bar: 1}, {baz: 2});\n//=> {foo: 0, bar: 1, baz: 2}\n\n// overwrites equal keys\nobjectAssign({foo: 0}, {foo: 1}, {foo: 2});\n//=> {foo: 2}\n\n// ignores null and undefined sources\nobjectAssign({foo: 0}, null, {bar: 1}, undefined);\n//=> {foo: 0, bar: 1}\n```\n\n\n## API\n\n### objectAssign(target, source, [source, ...])\n\nAssigns enumerable own properties of `source` objects to the `target` object and returns the `target` object. Additional `source` objects will overwrite previous ones.\n\n\n## Resources\n\n- [ES6 spec - Object.assign](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-object.assign)\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/object-assign", + "error": "[Circular]", + "extraneous": false + }, + "read-pkg": { + "_args": [ + [ + "read-pkg@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/pkg-conf" + ], + [ + "read-pkg@1.1.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "read-pkg@>=1.0.0 <2.0.0", + "_id": "read-pkg@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/read-pkg", + "_nodeVersion": "3.0.0", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.13.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "read-pkg@1.1.0", + "name": "read-pkg", + "escapedName": "read-pkg", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/pkg-conf", + "/bundle-dependencies/read-pkg-up" + ], + "_resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz", + "_shasum": "f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/read-pkg/issues" + }, + "dependencies": { + "load-json-file": { + "_args": [ + [ + "load-json-file@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/read-pkg" + ], + [ + "load-json-file@1.1.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "load-json-file@>=1.0.0 <2.0.0", + "_id": "load-json-file@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/load-json-file", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "load-json-file@1.1.0", + "name": "load-json-file", + "escapedName": "load-json-file", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/read-pkg" + ], + "_resolved": "https://registry.npmjs.org/load-json-file/-/load-json-file-1.1.0.tgz", + "_shasum": "956905708d58b4bab4c2261b04f59f31c99374c0", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/load-json-file/issues" + }, + "dependencies": { + "graceful-fs": { + "_args": [ + [ + "graceful-fs@^4.1.2", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/load-json-file" + ], + [ + "graceful-fs@4.1.3", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "graceful-fs@>=4.1.2 <5.0.0", + "_id": "graceful-fs@4.1.3", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/graceful-fs", + "_nodeVersion": "4.0.0", + "_npmOperationalInternal": { + "host": "packages-6-west.internal.npmjs.com", + "tmp": "tmp/graceful-fs-4.1.3.tgz_1454449326495_0.943017533281818" + }, + "_npmUser": { + "email": "i@izs.me", + "name": "isaacs" + }, + "_npmVersion": "3.7.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "graceful-fs@4.1.3", + "name": "graceful-fs", + "escapedName": "graceful-fs", + "rawSpec": "4.1.3", + "saveSpec": "[Circular]", + "fetchSpec": "4.1.3" + }, + "_requiredBy": [ + "/bundle-dependencies/load-json-file", + "/bundle-dependencies/path-type" + ], + "_resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.3.tgz", + "_shasum": "92033ce11113c41e2628d61fdfa40bc10dc0155c", + "_shrinkwrap": "[Circular]", + "_spec": "4.1.3", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "bugs": { + "url": "https://github.com/isaacs/node-graceful-fs/issues" + }, + "dependencies": {}, + "description": "A drop-in replacement for fs, making various improvements.", + "devDependencies": { + "mkdirp": "^0.5.0", + "rimraf": "^2.2.8", + "tap": "^5.4.2" + }, + "directories": { + "test": "test" + }, + "dist": { + "shasum": "92033ce11113c41e2628d61fdfa40bc10dc0155c", + "tarball": "http://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.3.tgz" + }, + "engines": { + "node": ">=0.4.0" + }, + "files": [ + "fs.js", + "graceful-fs.js", + "legacy-streams.js", + "polyfills.js" + ], + "gitHead": "694c56f3aed4aee62d6df169be123d3984f61b85", + "homepage": "https://github.com/isaacs/node-graceful-fs#readme", + "keywords": [ + "fs", + "module", + "reading", + "retry", + "retries", + "queue", + "error", + "errors", + "handling", + "EMFILE", + "EAGAIN", + "EINVAL", + "EPERM", + "EACCESS" + ], + "license": "ISC", + "main": "graceful-fs.js", + "maintainers": [ + { + "name": "isaacs", + "email": "i@izs.me" + } + ], + "name": "graceful-fs", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/node-graceful-fs.git" + }, + "scripts": { + "test": "node test.js | tap -" + }, + "version": "4.1.3", + "readme": "# graceful-fs\n\ngraceful-fs functions as a drop-in replacement for the fs module,\nmaking various improvements.\n\nThe improvements are meant to normalize behavior across different\nplatforms and environments, and to make filesystem access more\nresilient to errors.\n\n## Improvements over [fs module](http://api.nodejs.org/fs.html)\n\ngraceful-fs:\n\n* Queues up `open` and `readdir` calls, and retries them once\n something closes if there is an EMFILE error from too many file\n descriptors.\n* fixes `lchmod` for Node versions prior to 0.6.2.\n* implements `fs.lutimes` if possible. Otherwise it becomes a noop.\n* ignores `EINVAL` and `EPERM` errors in `chown`, `fchown` or\n `lchown` if the user isn't root.\n* makes `lchmod` and `lchown` become noops, if not available.\n* retries reading a file if `read` results in EAGAIN error.\n\nOn Windows, it retries renaming a file for up to one second if `EACCESS`\nor `EPERM` error occurs, likely because antivirus software has locked\nthe directory.\n\n## USAGE\n\n```javascript\n// use just like fs\nvar fs = require('graceful-fs')\n\n// now go and do stuff with it...\nfs.readFileSync('some-file-or-whatever')\n```\n\n## Global Patching\n\nIf you want to patch the global fs module (or any other fs-like\nmodule) you can do this:\n\n```javascript\n// Make sure to read the caveat below.\nvar realFs = require('fs')\nvar gracefulFs = require('graceful-fs')\ngracefulFs.gracefulify(realFs)\n```\n\nThis should only ever be done at the top-level application layer, in\norder to delay on EMFILE errors from any fs-using dependencies. You\nshould **not** do this in a library, because it can cause unexpected\ndelays in other parts of the program.\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "error": "[Circular]", + "extraneous": false + }, + "parse-json": { + "_args": [ + [ + "parse-json@^2.2.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/load-json-file" + ], + [ + "parse-json@2.2.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "parse-json@>=2.2.0 <3.0.0", + "_id": "parse-json@2.2.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/parse-json", + "_nodeVersion": "0.12.7", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "parse-json@2.2.0", + "name": "parse-json", + "escapedName": "parse-json", + "rawSpec": "2.2.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.2.0" + }, + "_requiredBy": [ + "/bundle-dependencies/load-json-file" + ], + "_resolved": "https://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz", + "_shasum": "f480f40434ef80741f8469099f8dea18f55a4dc9", + "_shrinkwrap": "[Circular]", + "_spec": "2.2.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/parse-json/issues" + }, + "dependencies": { + "error-ex": { + "_args": [ + [ + "error-ex@^1.2.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/parse-json" + ], + [ + "error-ex@1.3.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "error-ex@>=1.2.0 <2.0.0", + "_id": "error-ex@1.3.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/error-ex", + "_nodeVersion": "4.1.1", + "_npmUser": { + "email": "i.am.qix@gmail.com", + "name": "qix" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "error-ex@1.3.0", + "name": "error-ex", + "escapedName": "error-ex", + "rawSpec": "1.3.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.3.0" + }, + "_requiredBy": [ + "/bundle-dependencies/parse-json" + ], + "_resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.0.tgz", + "_shasum": "e67b43f3e82c96ea3a584ffee0b9fc3325d802d9", + "_shrinkwrap": "[Circular]", + "_spec": "1.3.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "bugs": { + "url": "https://github.com/qix-/node-error-ex/issues" + }, + "dependencies": { + "is-arrayish": { + "_args": [ + [ + "is-arrayish@^0.2.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/error-ex" + ], + [ + "is-arrayish@0.2.1", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "is-arrayish@>=0.2.1 <0.3.0", + "_id": "is-arrayish@0.2.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/is-arrayish", + "_nodeVersion": "0.12.7", + "_npmUser": { + "email": "i.am.qix@gmail.com", + "name": "qix" + }, + "_npmVersion": "3.2.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "is-arrayish@0.2.1", + "name": "is-arrayish", + "escapedName": "is-arrayish", + "rawSpec": "0.2.1", + "saveSpec": "[Circular]", + "fetchSpec": "0.2.1" + }, + "_requiredBy": [ + "/bundle-dependencies/error-ex" + ], + "_resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "_shasum": "77c99840527aa8ecb1a8ba697b80645a7a926a9d", + "_shrinkwrap": "[Circular]", + "_spec": "0.2.1", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Qix", + "url": "http://github.com/qix-" + }, + "bugs": { + "url": "https://github.com/qix-/node-is-arrayish/issues" + }, + "dependencies": {}, + "description": "Determines if an object can be used as an array", + "devDependencies": { + "coffee-script": "^1.9.3", + "coveralls": "^2.11.2", + "istanbul": "^0.3.17", + "mocha": "^2.2.5", + "should": "^7.0.1", + "xo": "^0.6.1" + }, + "directories": {}, + "dist": { + "shasum": "77c99840527aa8ecb1a8ba697b80645a7a926a9d", + "tarball": "http://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz" + }, + "gitHead": "53f22aa6ce557d7d31a3d1152a590a2df220df9d", + "homepage": "https://github.com/qix-/node-is-arrayish#readme", + "keywords": [ + "is", + "array", + "duck", + "type", + "arrayish", + "similar", + "proto", + "prototype", + "type" + ], + "license": "MIT", + "maintainers": [ + { + "name": "qix", + "email": "i.am.qix@gmail.com" + } + ], + "name": "is-arrayish", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/qix-/node-is-arrayish.git" + }, + "scripts": { + "pretest": "xo", + "test": "mocha --compilers coffee:coffee-script/register" + }, + "version": "0.2.1", + "readme": "# node-is-arrayish [![Travis-CI.org Build Status](https://img.shields.io/travis/Qix-/node-is-arrayish.svg?style=flat-square)](https://travis-ci.org/Qix-/node-is-arrayish) [![Coveralls.io Coverage Rating](https://img.shields.io/coveralls/Qix-/node-is-arrayish.svg?style=flat-square)](https://coveralls.io/r/Qix-/node-is-arrayish)\n> Determines if an object can be used like an Array\n\n## Example\n```javascript\nvar isArrayish = require('is-arrayish');\n\nisArrayish([]); // true\nisArrayish({__proto__: []}); // true\nisArrayish({}); // false\nisArrayish({length:10}); // false\n```\n\n## License\nLicensed under the [MIT License](http://opensource.org/licenses/MIT).\nYou can find a copy of it in [LICENSE](LICENSE).\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-arrayish", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Easy error subclassing and stack customization", + "devDependencies": { + "coffee-script": "^1.9.3", + "coveralls": "^2.11.2", + "istanbul": "^0.3.17", + "mocha": "^2.2.5", + "should": "^7.0.1", + "xo": "^0.7.1" + }, + "directories": {}, + "dist": { + "shasum": "e67b43f3e82c96ea3a584ffee0b9fc3325d802d9", + "tarball": "http://registry.npmjs.org/error-ex/-/error-ex-1.3.0.tgz" + }, + "files": [ + "index.js" + ], + "gitHead": "118bb63206f736f2450480e73f9d7d22692ae328", + "homepage": "https://github.com/qix-/node-error-ex#readme", + "keywords": [ + "error", + "errors", + "extend", + "extending", + "extension", + "subclass", + "stack", + "custom" + ], + "license": "MIT", + "maintainers": [ + { + "name": "qix", + "email": "i.am.qix@gmail.com" + }, + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "error-ex", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/qix-/node-error-ex.git" + }, + "scripts": { + "pretest": "xo", + "test": "mocha --compilers coffee:coffee-script/register" + }, + "version": "1.3.0", + "xo": { + "rules": { + "operator-linebreak": [ + 0 + ] + } + }, + "readme": "# node-error-ex [![Travis-CI.org Build Status](https://img.shields.io/travis/Qix-/node-error-ex.svg?style=flat-square)](https://travis-ci.org/Qix-/node-error-ex) [![Coveralls.io Coverage Rating](https://img.shields.io/coveralls/Qix-/node-error-ex.svg?style=flat-square)](https://coveralls.io/r/Qix-/node-error-ex)\n> Easily subclass and customize new Error types\n\n## Examples\nTo include in your project:\n```javascript\nvar errorEx = require('error-ex');\n```\n\nTo create an error message type with a specific name (note, that `ErrorFn.name`\nwill not reflect this):\n```javascript\nvar JSONError = errorEx('JSONError');\n\nvar err = new JSONError('error');\nerr.name; //-> JSONError\nthrow err; //-> JSONError: error\n```\n\nTo add a stack line:\n```javascript\nvar JSONError = errorEx('JSONError', {fileName: errorEx.line('in %s')});\n\nvar err = new JSONError('error')\nerr.fileName = '/a/b/c/foo.json';\nthrow err; //-> (line 2)-> in /a/b/c/foo.json\n```\n\nTo append to the error message:\n```javascript\nvar JSONError = errorEx('JSONError', {fileName: errorEx.append('in %s')});\n\nvar err = new JSONError('error');\nerr.fileName = '/a/b/c/foo.json';\nthrow err; //-> JSONError: error in /a/b/c/foo.json\n```\n\n## API\n\n#### `errorEx([name], [properties])`\nCreates a new ErrorEx error type\n\n- `name`: the name of the new type (appears in the error message upon throw;\n defaults to `Error.name`)\n- `properties`: if supplied, used as a key/value dictionary of properties to\n use when building up the stack message. Keys are property names that are\n looked up on the error message, and then passed to function values.\n\t- `line`: if specified and is a function, return value is added as a stack\n entry (error-ex will indent for you). Passed the property value given\n the key.\n - `stack`: if specified and is a function, passed the value of the property\n using the key, and the raw stack lines as a second argument. Takes no\n return value (but the stack can be modified directly).\n - `message`: if specified and is a function, return value is used as new\n `.message` value upon get. Passed the property value of the property named\n by key, and the existing message is passed as the second argument as an\n array of lines (suitable for multi-line messages).\n\nReturns a constructor (Function) that can be used just like the regular Error\nconstructor.\n\n```javascript\nvar errorEx = require('error-ex');\n\nvar BasicError = errorEx();\n\nvar NamedError = errorEx('NamedError');\n\n// --\n\nvar AdvancedError = errorEx('AdvancedError', {\n\tfoo: {\n\t\tline: function (value, stack) {\n\t\t\tif (value) {\n\t\t\t\treturn 'bar ' + value;\n\t\t\t}\n\t\t\treturn null;\n\t\t}\n\t}\n}\n\nvar err = new AdvancedError('hello, world');\nerr.foo = 'baz';\nthrow err;\n\n/*\n\tAdvancedError: hello, world\n\t bar baz\n\t at tryReadme() (readme.js:20:1)\n*/\n```\n\n#### `errorEx.line(str)`\nCreates a stack line using a delimiter\n\n> This is a helper function. It is to be used in lieu of writing a value object\n> for `properties` values.\n\n- `str`: The string to create\n - Use the delimiter `%s` to specify where in the string the value should go\n\n```javascript\nvar errorEx = require('error-ex');\n\nvar FileError = errorEx('FileError', {fileName: errorEx.line('in %s')});\n\nvar err = new FileError('problem reading file');\nerr.fileName = '/a/b/c/d/foo.js';\nthrow err;\n\n/*\n\tFileError: problem reading file\n\t in /a/b/c/d/foo.js\n\t at tryReadme() (readme.js:7:1)\n*/\n```\n\n#### `errorEx.append(str)`\nAppends to the `error.message` string\n\n> This is a helper function. It is to be used in lieu of writing a value object\n> for `properties` values.\n\n- `str`: The string to append\n - Use the delimiter `%s` to specify where in the string the value should go\n\n```javascript\nvar errorEx = require('error-ex');\n\nvar SyntaxError = errorEx('SyntaxError', {fileName: errorEx.append('in %s')});\n\nvar err = new SyntaxError('improper indentation');\nerr.fileName = '/a/b/c/d/foo.js';\nthrow err;\n\n/*\n\tSyntaxError: improper indentation in /a/b/c/d/foo.js\n\t at tryReadme() (readme.js:7:1)\n*/\n```\n\n## License\nLicensed under the [MIT License](http://opensource.org/licenses/MIT).\nYou can find a copy of it in [LICENSE](LICENSE).\n", + "readmeFilename": "README.md", + "_dependencies": { + "is-arrayish": "^0.2.1" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/error-ex", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Parse JSON with more helpful errors", + "devDependencies": { + "ava": "0.0.4", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "f480f40434ef80741f8469099f8dea18f55a4dc9", + "tarball": "http://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js", + "vendor" + ], + "gitHead": "419b0cbb83e67af53f9fd3f7ff98605ea2020eb6", + "homepage": "https://github.com/sindresorhus/parse-json", + "keywords": [ + "parse", + "json", + "graceful", + "error", + "message", + "humanize", + "friendly", + "helpful", + "string", + "str" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "parse-json", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/parse-json.git" + }, + "scripts": { + "test": "xo && node test.js" + }, + "version": "2.2.0", + "xo": { + "ignores": [ + "vendor/**" + ] + }, + "readme": "# parse-json [![Build Status](https://travis-ci.org/sindresorhus/parse-json.svg?branch=master)](https://travis-ci.org/sindresorhus/parse-json)\n\n> Parse JSON with more helpful errors\n\n\n## Install\n\n```\n$ npm install --save parse-json\n```\n\n\n## Usage\n\n```js\nvar parseJson = require('parse-json');\nvar json = '{\\n\\t\"foo\": true,\\n}';\n\n\nJSON.parse(json);\n/*\nundefined:3\n}\n^\nSyntaxError: Unexpected token }\n*/\n\n\nparseJson(json);\n/*\nJSONError: Trailing comma in object at 3:1\n}\n^\n*/\n\n\nparseJson(json, 'foo.json');\n/*\nJSONError: Trailing comma in object at 3:1 in foo.json\n}\n^\n*/\n\n\n// you can also add the filename at a later point\ntry {\n\tparseJson(json);\n} catch (err) {\n\terr.fileName = 'foo.json';\n\tthrow err;\n}\n/*\nJSONError: Trailing comma in object at 3:1 in foo.json\n}\n^\n*/\n```\n\n## API\n\n### parseJson(input, [reviver], [filename])\n\n#### input\n\nType: `string`\n\n#### reviver\n\nType: `function`\n\nPrescribes how the value originally produced by parsing is transformed, before being returned. See [`JSON.parse` docs](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse#Using_the_reviver_parameter\n) for more.\n\n#### filename\n\nType: `string`\n\nFilename displayed in the error message.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "error-ex": "^1.2.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/parse-json", + "error": "[Circular]", + "extraneous": false + }, + "pify": { + "_args": [ + [ + "pify@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/load-json-file" + ], + [ + "pify@2.3.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "pify@>=2.0.0 <3.0.0", + "_id": "pify@2.3.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pify", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "pify@2.3.0", + "name": "pify", + "escapedName": "pify", + "rawSpec": "2.3.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.3.0" + }, + "_requiredBy": [ + "/bundle-dependencies/load-json-file", + "/bundle-dependencies/path-type" + ], + "_resolved": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "_shasum": "ed141a6ac043a849ea588498e7dca8b15330e90c", + "_shrinkwrap": "[Circular]", + "_spec": "2.3.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/pify/issues" + }, + "dependencies": {}, + "description": "Promisify a callback-style function", + "devDependencies": { + "ava": "*", + "pinkie-promise": "^1.0.0", + "v8-natives": "0.0.2", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "ed141a6ac043a849ea588498e7dca8b15330e90c", + "tarball": "http://registry.npmjs.org/pify/-/pify-2.3.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "2dd0d8b880e4ebcc5cc33ae126b02647418e4440", + "homepage": "https://github.com/sindresorhus/pify", + "keywords": [ + "promise", + "promises", + "promisify", + "denodify", + "denodeify", + "callback", + "cb", + "node", + "then", + "thenify", + "convert", + "transform", + "wrap", + "wrapper", + "bind", + "to", + "async", + "es2015" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "pify", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/pify.git" + }, + "scripts": { + "optimization-test": "node --allow-natives-syntax optimization-test.js", + "test": "xo && ava && npm run optimization-test" + }, + "version": "2.3.0", + "readme": "# pify [![Build Status](https://travis-ci.org/sindresorhus/pify.svg?branch=master)](https://travis-ci.org/sindresorhus/pify)\n\n> Promisify a callback-style function\n\n\n## Install\n\n```\n$ npm install --save pify\n```\n\n\n## Usage\n\n```js\nconst fs = require('fs');\nconst pify = require('pify');\n\n// promisify a single function\n\npify(fs.readFile)('package.json', 'utf8').then(data => {\n\tconsole.log(JSON.parse(data).name);\n\t//=> 'pify'\n});\n\n// or promisify all methods in a module\n\npify(fs).readFile('package.json', 'utf8').then(data => {\n\tconsole.log(JSON.parse(data).name);\n\t//=> 'pify'\n});\n```\n\n\n## API\n\n### pify(input, [promiseModule], [options])\n\nReturns a promise wrapped version of the supplied function or module.\n\n#### input\n\nType: `function`, `object`\n\nCallback-style function or module whose methods you want to promisify.\n\n#### promiseModule\n\nType: `function`\n\nCustom promise module to use instead of the native one.\n\nCheck out [`pinkie-promise`](https://github.com/floatdrop/pinkie-promise) if you need a tiny promise polyfill.\n\n#### options\n\n##### multiArgs\n\nType: `boolean` \nDefault: `false`\n\nBy default, the promisified function will only return the second argument from the callback, which works fine for most APIs. This option can be useful for modules like `request` that return multiple arguments. Turning this on will make it return an array of all arguments from the callback, excluding the error argument, instead of just the second argument.\n\n```js\nconst request = require('request');\nconst pify = require('pify');\n\npify(request, {multiArgs: true})('https://sindresorhus.com').then(result => {\n\tconst [httpResponse, body] = result;\n});\n```\n\n##### include\n\nType: `array` of (`string`|`regex`)\n\nMethods in a module to promisify. Remaining methods will be left untouched.\n\n##### exclude\n\nType: `array` of (`string`|`regex`) \nDefault: `[/.+Sync$/]`\n\nMethods in a module **not** to promisify. Methods with names ending with `'Sync'` are excluded by default.\n\n##### excludeMain\n\nType: `boolean` \nDefault: `false`\n\nBy default, if given module is a function itself, this function will be promisified. Turn this option on if you want to promisify only methods of the module.\n\n```js\nconst pify = require('pify');\n\nfunction fn() {\n\treturn true;\n}\n\nfn.method = (data, callback) => {\n\tsetImmediate(() => {\n\t\tcallback(data, null);\n\t});\n};\n\n// promisify methods but not fn()\nconst promiseFn = pify(fn, {excludeMain: true});\n\nif (promiseFn()) {\n\tpromiseFn.method('hi').then(data => {\n\t\tconsole.log(data);\n\t});\n}\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "error": "[Circular]", + "extraneous": false + }, + "pinkie-promise": { + "_args": "[Circular]", + "_from": "pinkie-promise@>=2.0.0 <3.0.0", + "_id": "pinkie-promise@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pinkie-promise", + "_nodeVersion": "4.2.0", + "_npmUser": "[Circular]", + "_npmVersion": "2.14.7", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "pinkie-promise@2.0.0", + "name": "pinkie-promise", + "escapedName": "pinkie-promise", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "_shasum": "4c83538de1f6e660c29e0a13446844f7a7e88259", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "ES2015 Promise ponyfill", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "f90fcae9838bcae7ae1ae4ebc9b29f11e5db4980", + "homepage": "https://github.com/floatdrop/pinkie-promise", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "pinkie-promise", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "2.0.0", + "readme": "# pinkie-promise [![Build Status](https://travis-ci.org/floatdrop/pinkie-promise.svg?branch=master)](https://travis-ci.org/floatdrop/pinkie-promise)\n\n> [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) ponyfill\n\nModule exports global Promise object (if available) or [`pinkie`](http://github.com/floatdrop/pinkie) Promise polyfill.\n\n## Install\n\n```\n$ npm install --save pinkie-promise\n```\n\n## Usage\n\n```js\nvar Promise = require('pinkie-promise');\n\nnew Promise(function (resolve) { resolve('unicorns'); });\n//=> Promise { 'unicorns' }\n```\n\n## Related\n\n- [pify](https://github.com/sindresorhus/pify) - Promisify a callback-style function\n\n## License\n\nMIT © [Vsevolod Strukchinsky](http://github.com/floatdrop)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/pinkie-promise" + }, + "strip-bom": { + "_args": [ + [ + "strip-bom@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/load-json-file" + ], + [ + "strip-bom@2.0.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "strip-bom@>=2.0.0 <3.0.0", + "_id": "strip-bom@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/strip-bom", + "_nodeVersion": "0.12.5", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "strip-bom@2.0.0", + "name": "strip-bom", + "escapedName": "strip-bom", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/load-json-file" + ], + "_resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-2.0.0.tgz", + "_shasum": "6219a85616520491f35788bdbf1447a99c7e6b0e", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/strip-bom/issues" + }, + "dependencies": { + "is-utf8": { + "_args": [ + [ + "is-utf8@^0.2.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/strip-bom" + ], + [ + "is-utf8@0.2.1", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "is-utf8@>=0.2.0 <0.3.0", + "_id": "is-utf8@0.2.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/is-utf8", + "_nodeVersion": "2.3.4", + "_npmUser": { + "email": "whyer1@gmail.com", + "name": "wayfind" + }, + "_npmVersion": "2.12.1", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "is-utf8@0.2.1", + "name": "is-utf8", + "escapedName": "is-utf8", + "rawSpec": "0.2.1", + "saveSpec": "[Circular]", + "fetchSpec": "0.2.1" + }, + "_requiredBy": [ + "/bundle-dependencies/strip-bom" + ], + "_resolved": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz", + "_shasum": "4b0da1442104d1b336340e80797e865cf39f7d72", + "_shrinkwrap": "[Circular]", + "_spec": "0.2.1", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "wayfind" + }, + "bugs": { + "url": "https://github.com/wayfind/is-utf8/issues" + }, + "dependencies": {}, + "description": "Detect if a buffer is utf8 encoded.", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "4b0da1442104d1b336340e80797e865cf39f7d72", + "tarball": "http://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz" + }, + "files": [ + "is-utf8.js" + ], + "gitHead": "709df7202f9c3f93cdc2463b352dd80d8de9ce0b", + "homepage": "https://github.com/wayfind/is-utf8#readme", + "keywords": [ + "utf8", + "charset" + ], + "license": "MIT", + "main": "is-utf8.js", + "maintainers": [ + { + "name": "wayfind", + "email": "whyer1@gmail.com" + } + ], + "name": "is-utf8", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/wayfind/is-utf8.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "0.2.1", + "readme": "#utf8 detector\n\nDetect if a Buffer is utf8 encoded. \nIt need The minimum amount of bytes is 4.\n\n\n```javascript\n var fs = require('fs');\n var isUtf8 = require('is-utf8');\n var ansi = fs.readFileSync('ansi.txt');\n var utf8 = fs.readFileSync('utf8.txt');\n \n console.log('ansi.txt is utf8: '+isUtf8(ansi)); //false\n console.log('utf8.txt is utf8: '+isUtf8(utf8)); //true\n```\n \n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-utf8", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Strip UTF-8 byte order mark (BOM) from a string/buffer", + "devDependencies": { + "mocha": "*" + }, + "directories": {}, + "dist": { + "shasum": "6219a85616520491f35788bdbf1447a99c7e6b0e", + "tarball": "http://registry.npmjs.org/strip-bom/-/strip-bom-2.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "851b9c126dba9561cc14ef3dc2634dcc11df4d11", + "homepage": "https://github.com/sindresorhus/strip-bom", + "keywords": [ + "bom", + "strip", + "byte", + "mark", + "unicode", + "utf8", + "utf-8", + "remove", + "delete", + "trim", + "text", + "buffer", + "string" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "strip-bom", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/strip-bom.git" + }, + "scripts": { + "test": "mocha" + }, + "version": "2.0.0", + "readme": "# strip-bom [![Build Status](https://travis-ci.org/sindresorhus/strip-bom.svg?branch=master)](https://travis-ci.org/sindresorhus/strip-bom)\n\n> Strip UTF-8 [byte order mark](http://en.wikipedia.org/wiki/Byte_order_mark#UTF-8) (BOM) from a string/buffer\n\nFrom Wikipedia:\n\n> The Unicode Standard permits the BOM in UTF-8, but does not require nor recommend its use. Byte order has no meaning in UTF-8.\n\n\n## Install\n\n```\n$ npm install --save strip-bom\n```\n\n\n## Usage\n\n```js\nvar fs = require('fs');\nvar stripBom = require('strip-bom');\n\nstripBom('\\uFEFFunicorn');\n//=> 'unicorn'\n\nstripBom(fs.readFileSync('unicorn.txt'));\n//=> 'unicorn'\n```\n\n\n## Related\n\n- [strip-bom-cli](https://github.com/sindresorhus/strip-bom-cli) - CLI for this module\n- [strip-bom-stream](https://github.com/sindresorhus/strip-bom-stream) - Stream version of this module\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "is-utf8": "^0.2.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-bom", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Read and parse a JSON file", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "956905708d58b4bab4c2261b04f59f31c99374c0", + "tarball": "http://registry.npmjs.org/load-json-file/-/load-json-file-1.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "115157a417380d3160da418d4ff25bb33b0051eb", + "homepage": "https://github.com/sindresorhus/load-json-file", + "keywords": [ + "json", + "read", + "parse", + "file", + "fs", + "graceful", + "load" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "load-json-file", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/load-json-file.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.0", + "xo": { + "ignores": [ + "test.js" + ] + }, + "readme": "# load-json-file [![Build Status](https://travis-ci.org/sindresorhus/load-json-file.svg?branch=master)](https://travis-ci.org/sindresorhus/load-json-file)\n\n> Read and parse a JSON file\n\n[Strips UTF-8 BOM](https://github.com/sindresorhus/strip-bom), uses [`graceful-fs`](https://github.com/isaacs/node-graceful-fs), and throws more [helpful JSON errors](https://github.com/sindresorhus/parse-json).\n\n\n## Install\n\n```\n$ npm install --save load-json-file\n```\n\n\n## Usage\n\n```js\nconst loadJsonFile = require('load-json-file');\n\nloadJsonFile('foo.json').then(json => {\n\tconsole.log(json);\n\t//=> {foo: true}\n});\n```\n\n\n## API\n\n### loadJsonFile(filepath)\n\nReturns a promise that resolves to the parsed JSON.\n\n### loadJsonFile.sync(filepath)\n\nReturns the parsed JSON.\n\n\n## Related\n\n- [write-json-file](https://github.com/sindresorhus/write-json-file) - Stringify and write JSON to a file atomically\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/load-json-file", + "error": "[Circular]", + "extraneous": false + }, + "normalize-package-data": { + "_args": [ + [ + "normalize-package-data@^2.3.2", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/read-pkg" + ], + [ + "normalize-package-data@2.3.5", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "normalize-package-data@>=2.3.2 <3.0.0", + "_id": "normalize-package-data@2.3.5", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/normalize-package-data", + "_nodeVersion": "5.0.0", + "_npmUser": { + "email": "me@re-becca.org", + "name": "iarna" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "normalize-package-data@2.3.5", + "name": "normalize-package-data", + "escapedName": "normalize-package-data", + "rawSpec": "2.3.5", + "saveSpec": "[Circular]", + "fetchSpec": "2.3.5" + }, + "_requiredBy": [ + "/bundle-dependencies/read-pkg" + ], + "_resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.3.5.tgz", + "_shasum": "8d924f142960e1777e7ffe170543631cc7cb02df", + "_shrinkwrap": "[Circular]", + "_spec": "2.3.5", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Meryn Stol", + "email": "merynstol@gmail.com" + }, + "bugs": { + "url": "https://github.com/npm/normalize-package-data/issues" + }, + "contributors": [ + { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me" + }, + { + "name": "Meryn Stol", + "email": "merynstol@gmail.com" + }, + { + "name": "Robert Kowalski", + "email": "rok@kowalski.gd" + } + ], + "dependencies": { + "hosted-git-info": { + "_args": [ + [ + "hosted-git-info@^2.1.4", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/normalize-package-data" + ], + [ + "hosted-git-info@2.1.4", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "hosted-git-info@>=2.1.4 <3.0.0", + "_id": "hosted-git-info@2.1.4", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/hosted-git-info", + "_nodeVersion": "2.0.2", + "_npmUser": { + "email": "ogd@aoaioxxysz.net", + "name": "othiym23" + }, + "_npmVersion": "2.10.1", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "hosted-git-info@2.1.4", + "name": "hosted-git-info", + "escapedName": "hosted-git-info", + "rawSpec": "2.1.4", + "saveSpec": "[Circular]", + "fetchSpec": "2.1.4" + }, + "_requiredBy": [ + "/bundle-dependencies/normalize-package-data" + ], + "_resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.1.4.tgz", + "_shasum": "d9e953b26988be88096c46e926494d9604c300f8", + "_shrinkwrap": "[Circular]", + "_spec": "2.1.4", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Rebecca Turner", + "email": "me@re-becca.org", + "url": "http://re-becca.org" + }, + "bugs": { + "url": "https://github.com/npm/hosted-git-info/issues" + }, + "dependencies": {}, + "description": "Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab", + "devDependencies": { + "standard": "^3.3.2", + "tap": "^0.4.13" + }, + "directories": {}, + "dist": { + "shasum": "d9e953b26988be88096c46e926494d9604c300f8", + "tarball": "http://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.1.4.tgz" + }, + "gitHead": "9e1a36df8eb050a663713c79e56d89dadba2bd8d", + "homepage": "https://github.com/npm/hosted-git-info", + "keywords": [ + "git", + "github", + "bitbucket", + "gitlab" + ], + "license": "ISC", + "main": "index.js", + "maintainers": [ + { + "name": "iarna", + "email": "me@re-becca.org" + }, + { + "name": "othiym23", + "email": "ogd@aoaioxxysz.net" + } + ], + "name": "hosted-git-info", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/npm/hosted-git-info.git" + }, + "scripts": { + "test": "standard && tap test/*.js" + }, + "version": "2.1.4", + "readme": "# hosted-git-info\n\nThis will let you identify and transform various git hosts URLs between\nprotocols. It also can tell you what the URL is for the raw path for\nparticular file for direct access without git.\n\n## Usage\n\n```javascript\nvar hostedGitInfo = require(\"hosted-git-info\")\nvar info = hostedGitInfo.fromUrl(\"git@github.com:npm/hosted-git-info.git\")\n/* info looks like:\n{\n type: \"github\",\n domain: \"github.com\",\n user: \"npm\",\n project: \"hosted-git-info\"\n}\n*/\n```\n\nIf the URL can't be matched with a git host, `null` will be returned. We\ncan match git, ssh and https urls. Additionally, we can match ssh connect\nstrings (`git@github.com:npm/hosted-git-info`) and shortcuts (eg,\n`github:npm/hosted-git-info`). Github specifically, is detected in the case\nof a third, unprefixed, form: `npm/hosted-git-info`.\n\nIf it does match, the returned object has properties of:\n\n* info.type -- The short name of the service\n* info.domain -- The domain for git protocol use\n* info.user -- The name of the user/org on the git host\n* info.project -- The name of the project on the git host\n\nAnd methods of:\n\n* info.file(path)\n\nGiven the path of a file relative to the repository, returns a URL for\ndirectly fetching it from the githost. If no committish was set then\n`master` will be used as the default.\n\nFor example `hostedGitInfo.fromUrl(\"git@github.com:npm/hosted-git-info.git#v1.0.0\").file(\"package.json\")`\nwould return `https://raw.githubusercontent.com/npm/hosted-git-info/v1.0.0/package.json`\n\n* info.shortcut()\n\neg, `github:npm/hosted-git-info`\n\n* info.browse()\n\neg, `https://github.com/npm/hosted-git-info/tree/v1.2.0`\n\n* info.bugs()\n\neg, `https://github.com/npm/hosted-git-info/issues`\n\n* info.docs()\n\neg, `https://github.com/npm/hosted-git-info/tree/v1.2.0#readme`\n\n* info.https()\n\neg, `git+https://github.com/npm/hosted-git-info.git`\n\n* info.sshurl()\n\neg, `git+ssh://git@github.com/npm/hosted-git-info.git`\n\n* info.ssh()\n\neg, `git@github.com:npm/hosted-git-info.git`\n\n* info.path()\n\neg, `npm/hosted-git-info`\n\n* info.getDefaultRepresentation()\n\nReturns the default output type. The default output type is based on the\nstring you passed in to be parsed\n\n* info.toString()\n\nUses the getDefaultRepresentation to call one of the other methods to get a URL for\nthis resource. As such `hostedGitInfo.fromUrl(url).toString()` will give\nyou a normalized version of the URL that still uses the same protocol.\n\nShortcuts will still be returned as shortcuts, but the special case github\nform of `org/project` will be normalized to `github:org/project`.\n\nSSH connect strings will be normalized into `git+ssh` URLs.\n\n\n## Supported hosts\n\nCurrently this supports Github, Bitbucket and Gitlab. Pull requests for\nadditional hosts welcome.\n\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/hosted-git-info", + "error": "[Circular]", + "extraneous": false + }, + "is-builtin-module": { + "_args": [ + [ + "is-builtin-module@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/normalize-package-data" + ], + [ + "is-builtin-module@1.0.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "is-builtin-module@>=1.0.0 <2.0.0", + "_id": "is-builtin-module@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/is-builtin-module", + "_nodeVersion": "0.12.2", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.7.4", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "is-builtin-module@1.0.0", + "name": "is-builtin-module", + "escapedName": "is-builtin-module", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/normalize-package-data" + ], + "_resolved": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-1.0.0.tgz", + "_shasum": "540572d34f7ac3119f8f76c30cbc1b1e037affbe", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/is-builtin-module/issues" + }, + "dependencies": { + "builtin-modules": { + "_args": [ + [ + "builtin-modules@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/is-builtin-module" + ], + [ + "builtin-modules@1.1.1", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "builtin-modules@>=1.0.0 <2.0.0", + "_id": "builtin-modules@1.1.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/builtin-modules", + "_nodeVersion": "5.3.0", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "3.3.12", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "builtin-modules@1.1.1", + "name": "builtin-modules", + "escapedName": "builtin-modules", + "rawSpec": "1.1.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.1" + }, + "_requiredBy": [ + "/bundle-dependencies/is-builtin-module" + ], + "_resolved": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-1.1.1.tgz", + "_shasum": "270f076c5a72c02f5b65a47df94c5fe3a278892f", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.1", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/builtin-modules/issues" + }, + "dependencies": {}, + "description": "List of the Node.js builtin modules", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "270f076c5a72c02f5b65a47df94c5fe3a278892f", + "tarball": "http://registry.npmjs.org/builtin-modules/-/builtin-modules-1.1.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js", + "static.js", + "builtin-modules.json" + ], + "gitHead": "0ea253452b1d8cb3a70d16464f909dbc0bc370fe", + "homepage": "https://github.com/sindresorhus/builtin-modules#readme", + "keywords": [ + "builtin", + "built-in", + "builtins", + "node", + "modules", + "core", + "bundled", + "list", + "array", + "names" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "builtin-modules", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/builtin-modules.git" + }, + "scripts": { + "make": "node make.js", + "test": "xo && ava" + }, + "version": "1.1.1", + "readme": "# builtin-modules [![Build Status](https://travis-ci.org/sindresorhus/builtin-modules.svg?branch=master)](https://travis-ci.org/sindresorhus/builtin-modules)\n\n> List of the Node.js builtin modules\n\nThe list is just a [JSON file](builtin-modules.json) and can be used wherever.\n\n\n## Install\n\n```\n$ npm install --save builtin-modules\n```\n\n\n## Usage\n\n```js\nvar builtinModules = require('builtin-modules');\n\nconsole.log(builinModules);\n//=> ['assert', 'buffer', ...]\n```\n\n\n## API\n\nReturns an array of builtin modules fetched from the running Node.js version.\n\n### Static list\n\nThis module also comes bundled with a static array of builtin modules generated from the latest Node.js version. You can get it with `require('builtin-modules/static');`\n\n\n## Related\n\n- [is-builtin-module](https://github.com/sindresorhus/is-builtin-module) - Check if a string matches the name of a Node.js builtin module\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/builtin-modules", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Check if a string matches the name of a Node.js builtin module", + "devDependencies": { + "ava": "0.0.4" + }, + "directories": {}, + "dist": { + "shasum": "540572d34f7ac3119f8f76c30cbc1b1e037affbe", + "tarball": "http://registry.npmjs.org/is-builtin-module/-/is-builtin-module-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "da55ebf031f3864c5d309e25e49ed816957d70a2", + "homepage": "https://github.com/sindresorhus/is-builtin-module", + "keywords": [ + "builtin", + "built-in", + "builtins", + "node", + "modules", + "core", + "bundled", + "list", + "array", + "names", + "is", + "detect", + "check", + "match" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "is-builtin-module", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/is-builtin-module.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.0", + "readme": "# is-builtin-module [![Build Status](https://travis-ci.org/sindresorhus/is-builtin-module.svg?branch=master)](https://travis-ci.org/sindresorhus/is-builtin-module)\n\n> Check if a string matches the name of a Node.js builtin module\n\n\n## Install\n\n```\n$ npm install --save is-builtin-module\n```\n\n\n## Usage\n\n```js\nvar isBuiltinModule = require('is-builtin-module');\n\nisBuiltinModule('fs');\n//=> true\n\nisBuiltinModule('unicorn');\n//=> false :(\n```\n\n\n## Related\n\n- [builtin-modules](https://github.com/sindresorhus/builtin-modules) - List of the Node.js builtin modules\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "builtin-modules": "^1.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-builtin-module", + "error": "[Circular]", + "extraneous": false + }, + "semver": { + "_args": [ + [ + "semver@2 || 3 || 4 || 5", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/normalize-package-data" + ], + [ + "semver@5.1.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "semver@>=2.0.0 <3.0.0||>=3.0.0 <4.0.0||>=4.0.0 <5.0.0||>=5.0.0 <6.0.0", + "_id": "semver@5.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/semver", + "_nodeVersion": "4.0.0", + "_npmUser": { + "email": "i@izs.me", + "name": "isaacs" + }, + "_npmVersion": "3.3.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "semver@5.1.0", + "name": "semver", + "escapedName": "semver", + "rawSpec": "5.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "5.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/normalize-package-data" + ], + "_resolved": "https://registry.npmjs.org/semver/-/semver-5.1.0.tgz", + "_shasum": "85f2cf8550465c4df000cf7d86f6b054106ab9e5", + "_shrinkwrap": "[Circular]", + "_spec": "5.1.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "bin": { + "semver": "bin/semver" + }, + "bugs": { + "url": "https://github.com/npm/node-semver/issues" + }, + "dependencies": {}, + "description": "The semantic version parser used by npm.", + "devDependencies": { + "tap": "^2.0.0" + }, + "directories": {}, + "dist": { + "shasum": "85f2cf8550465c4df000cf7d86f6b054106ab9e5", + "tarball": "http://registry.npmjs.org/semver/-/semver-5.1.0.tgz" + }, + "gitHead": "8e33a30e62e40e4983d1c5f55e794331b861aadc", + "homepage": "https://github.com/npm/node-semver#readme", + "license": "ISC", + "main": "semver.js", + "maintainers": [ + { + "name": "isaacs", + "email": "isaacs@npmjs.com" + }, + { + "name": "othiym23", + "email": "ogd@aoaioxxysz.net" + } + ], + "name": "semver", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/npm/node-semver.git" + }, + "scripts": { + "test": "tap test/*.js" + }, + "version": "5.1.0", + "readme": "semver(1) -- The semantic versioner for npm\n===========================================\n\n## Usage\n\n $ npm install semver\n\n semver.valid('1.2.3') // '1.2.3'\n semver.valid('a.b.c') // null\n semver.clean(' =v1.2.3 ') // '1.2.3'\n semver.satisfies('1.2.3', '1.x || >=2.5.0 || 5.0.0 - 7.2.3') // true\n semver.gt('1.2.3', '9.8.7') // false\n semver.lt('1.2.3', '9.8.7') // true\n\nAs a command-line utility:\n\n $ semver -h\n\n Usage: semver [ [...]] [-r | -i | --preid | -l | -rv]\n Test if version(s) satisfy the supplied range(s), and sort them.\n\n Multiple versions or ranges may be supplied, unless increment\n option is specified. In that case, only a single version may\n be used, and it is incremented by the specified level\n\n Program exits successfully if any valid version satisfies\n all supplied ranges, and prints all satisfying versions.\n\n If no versions are valid, or ranges are not satisfied,\n then exits failure.\n\n Versions are printed in ascending order, so supplying\n multiple versions to the utility will just sort them.\n\n## Versions\n\nA \"version\" is described by the `v2.0.0` specification found at\n.\n\nA leading `\"=\"` or `\"v\"` character is stripped off and ignored.\n\n## Ranges\n\nA `version range` is a set of `comparators` which specify versions\nthat satisfy the range.\n\nA `comparator` is composed of an `operator` and a `version`. The set\nof primitive `operators` is:\n\n* `<` Less than\n* `<=` Less than or equal to\n* `>` Greater than\n* `>=` Greater than or equal to\n* `=` Equal. If no operator is specified, then equality is assumed,\n so this operator is optional, but MAY be included.\n\nFor example, the comparator `>=1.2.7` would match the versions\n`1.2.7`, `1.2.8`, `2.5.3`, and `1.3.9`, but not the versions `1.2.6`\nor `1.1.0`.\n\nComparators can be joined by whitespace to form a `comparator set`,\nwhich is satisfied by the **intersection** of all of the comparators\nit includes.\n\nA range is composed of one or more comparator sets, joined by `||`. A\nversion matches a range if and only if every comparator in at least\none of the `||`-separated comparator sets is satisfied by the version.\n\nFor example, the range `>=1.2.7 <1.3.0` would match the versions\n`1.2.7`, `1.2.8`, and `1.2.99`, but not the versions `1.2.6`, `1.3.0`,\nor `1.1.0`.\n\nThe range `1.2.7 || >=1.2.9 <2.0.0` would match the versions `1.2.7`,\n`1.2.9`, and `1.4.6`, but not the versions `1.2.8` or `2.0.0`.\n\n### Prerelease Tags\n\nIf a version has a prerelease tag (for example, `1.2.3-alpha.3`) then\nit will only be allowed to satisfy comparator sets if at least one\ncomparator with the same `[major, minor, patch]` tuple also has a\nprerelease tag.\n\nFor example, the range `>1.2.3-alpha.3` would be allowed to match the\nversion `1.2.3-alpha.7`, but it would *not* be satisfied by\n`3.4.5-alpha.9`, even though `3.4.5-alpha.9` is technically \"greater\nthan\" `1.2.3-alpha.3` according to the SemVer sort rules. The version\nrange only accepts prerelease tags on the `1.2.3` version. The\nversion `3.4.5` *would* satisfy the range, because it does not have a\nprerelease flag, and `3.4.5` is greater than `1.2.3-alpha.7`.\n\nThe purpose for this behavior is twofold. First, prerelease versions\nfrequently are updated very quickly, and contain many breaking changes\nthat are (by the author's design) not yet fit for public consumption.\nTherefore, by default, they are excluded from range matching\nsemantics.\n\nSecond, a user who has opted into using a prerelease version has\nclearly indicated the intent to use *that specific* set of\nalpha/beta/rc versions. By including a prerelease tag in the range,\nthe user is indicating that they are aware of the risk. However, it\nis still not appropriate to assume that they have opted into taking a\nsimilar risk on the *next* set of prerelease versions.\n\n#### Prerelease Identifiers\n\nThe method `.inc` takes an additional `identifier` string argument that\nwill append the value of the string as a prerelease identifier:\n\n```javascript\n> semver.inc('1.2.3', 'prerelease', 'beta')\n'1.2.4-beta.0'\n```\n\ncommand-line example:\n\n```shell\n$ semver 1.2.3 -i prerelease --preid beta\n1.2.4-beta.0\n```\n\nWhich then can be used to increment further:\n\n```shell\n$ semver 1.2.4-beta.0 -i prerelease\n1.2.4-beta.1\n```\n\n### Advanced Range Syntax\n\nAdvanced range syntax desugars to primitive comparators in\ndeterministic ways.\n\nAdvanced ranges may be combined in the same way as primitive\ncomparators using white space or `||`.\n\n#### Hyphen Ranges `X.Y.Z - A.B.C`\n\nSpecifies an inclusive set.\n\n* `1.2.3 - 2.3.4` := `>=1.2.3 <=2.3.4`\n\nIf a partial version is provided as the first version in the inclusive\nrange, then the missing pieces are replaced with zeroes.\n\n* `1.2 - 2.3.4` := `>=1.2.0 <=2.3.4`\n\nIf a partial version is provided as the second version in the\ninclusive range, then all versions that start with the supplied parts\nof the tuple are accepted, but nothing that would be greater than the\nprovided tuple parts.\n\n* `1.2.3 - 2.3` := `>=1.2.3 <2.4.0`\n* `1.2.3 - 2` := `>=1.2.3 <3.0.0`\n\n#### X-Ranges `1.2.x` `1.X` `1.2.*` `*`\n\nAny of `X`, `x`, or `*` may be used to \"stand in\" for one of the\nnumeric values in the `[major, minor, patch]` tuple.\n\n* `*` := `>=0.0.0` (Any version satisfies)\n* `1.x` := `>=1.0.0 <2.0.0` (Matching major version)\n* `1.2.x` := `>=1.2.0 <1.3.0` (Matching major and minor versions)\n\nA partial version range is treated as an X-Range, so the special\ncharacter is in fact optional.\n\n* `\"\"` (empty string) := `*` := `>=0.0.0`\n* `1` := `1.x.x` := `>=1.0.0 <2.0.0`\n* `1.2` := `1.2.x` := `>=1.2.0 <1.3.0`\n\n#### Tilde Ranges `~1.2.3` `~1.2` `~1`\n\nAllows patch-level changes if a minor version is specified on the\ncomparator. Allows minor-level changes if not.\n\n* `~1.2.3` := `>=1.2.3 <1.(2+1).0` := `>=1.2.3 <1.3.0`\n* `~1.2` := `>=1.2.0 <1.(2+1).0` := `>=1.2.0 <1.3.0` (Same as `1.2.x`)\n* `~1` := `>=1.0.0 <(1+1).0.0` := `>=1.0.0 <2.0.0` (Same as `1.x`)\n* `~0.2.3` := `>=0.2.3 <0.(2+1).0` := `>=0.2.3 <0.3.0`\n* `~0.2` := `>=0.2.0 <0.(2+1).0` := `>=0.2.0 <0.3.0` (Same as `0.2.x`)\n* `~0` := `>=0.0.0 <(0+1).0.0` := `>=0.0.0 <1.0.0` (Same as `0.x`)\n* `~1.2.3-beta.2` := `>=1.2.3-beta.2 <1.3.0` Note that prereleases in\n the `1.2.3` version will be allowed, if they are greater than or\n equal to `beta.2`. So, `1.2.3-beta.4` would be allowed, but\n `1.2.4-beta.2` would not, because it is a prerelease of a\n different `[major, minor, patch]` tuple.\n\n#### Caret Ranges `^1.2.3` `^0.2.5` `^0.0.4`\n\nAllows changes that do not modify the left-most non-zero digit in the\n`[major, minor, patch]` tuple. In other words, this allows patch and\nminor updates for versions `1.0.0` and above, patch updates for\nversions `0.X >=0.1.0`, and *no* updates for versions `0.0.X`.\n\nMany authors treat a `0.x` version as if the `x` were the major\n\"breaking-change\" indicator.\n\nCaret ranges are ideal when an author may make breaking changes\nbetween `0.2.4` and `0.3.0` releases, which is a common practice.\nHowever, it presumes that there will *not* be breaking changes between\n`0.2.4` and `0.2.5`. It allows for changes that are presumed to be\nadditive (but non-breaking), according to commonly observed practices.\n\n* `^1.2.3` := `>=1.2.3 <2.0.0`\n* `^0.2.3` := `>=0.2.3 <0.3.0`\n* `^0.0.3` := `>=0.0.3 <0.0.4`\n* `^1.2.3-beta.2` := `>=1.2.3-beta.2 <2.0.0` Note that prereleases in\n the `1.2.3` version will be allowed, if they are greater than or\n equal to `beta.2`. So, `1.2.3-beta.4` would be allowed, but\n `1.2.4-beta.2` would not, because it is a prerelease of a\n different `[major, minor, patch]` tuple.\n* `^0.0.3-beta` := `>=0.0.3-beta <0.0.4` Note that prereleases in the\n `0.0.3` version *only* will be allowed, if they are greater than or\n equal to `beta`. So, `0.0.3-pr.2` would be allowed.\n\nWhen parsing caret ranges, a missing `patch` value desugars to the\nnumber `0`, but will allow flexibility within that value, even if the\nmajor and minor versions are both `0`.\n\n* `^1.2.x` := `>=1.2.0 <2.0.0`\n* `^0.0.x` := `>=0.0.0 <0.1.0`\n* `^0.0` := `>=0.0.0 <0.1.0`\n\nA missing `minor` and `patch` values will desugar to zero, but also\nallow flexibility within those values, even if the major version is\nzero.\n\n* `^1.x` := `>=1.0.0 <2.0.0`\n* `^0.x` := `>=0.0.0 <1.0.0`\n\n### Range Grammar\n\nPutting all this together, here is a Backus-Naur grammar for ranges,\nfor the benefit of parser authors:\n\n```bnf\nrange-set ::= range ( logical-or range ) *\nlogical-or ::= ( ' ' ) * '||' ( ' ' ) *\nrange ::= hyphen | simple ( ' ' simple ) * | ''\nhyphen ::= partial ' - ' partial\nsimple ::= primitive | partial | tilde | caret\nprimitive ::= ( '<' | '>' | '>=' | '<=' | '=' | ) partial\npartial ::= xr ( '.' xr ( '.' xr qualifier ? )? )?\nxr ::= 'x' | 'X' | '*' | nr\nnr ::= '0' | ['1'-'9']['0'-'9']+\ntilde ::= '~' partial\ncaret ::= '^' partial\nqualifier ::= ( '-' pre )? ( '+' build )?\npre ::= parts\nbuild ::= parts\nparts ::= part ( '.' part ) *\npart ::= nr | [-0-9A-Za-z]+\n```\n\n## Functions\n\nAll methods and classes take a final `loose` boolean argument that, if\ntrue, will be more forgiving about not-quite-valid semver strings.\nThe resulting output will always be 100% strict, of course.\n\nStrict-mode Comparators and Ranges will be strict about the SemVer\nstrings that they parse.\n\n* `valid(v)`: Return the parsed version, or null if it's not valid.\n* `inc(v, release)`: Return the version incremented by the release\n type (`major`, `premajor`, `minor`, `preminor`, `patch`,\n `prepatch`, or `prerelease`), or null if it's not valid\n * `premajor` in one call will bump the version up to the next major\n version and down to a prerelease of that major version.\n `preminor`, and `prepatch` work the same way.\n * If called from a non-prerelease version, the `prerelease` will work the\n same as `prepatch`. It increments the patch version, then makes a\n prerelease. If the input version is already a prerelease it simply\n increments it.\n* `major(v)`: Return the major version number.\n* `minor(v)`: Return the minor version number.\n* `patch(v)`: Return the patch version number.\n\n### Comparison\n\n* `gt(v1, v2)`: `v1 > v2`\n* `gte(v1, v2)`: `v1 >= v2`\n* `lt(v1, v2)`: `v1 < v2`\n* `lte(v1, v2)`: `v1 <= v2`\n* `eq(v1, v2)`: `v1 == v2` This is true if they're logically equivalent,\n even if they're not the exact same string. You already know how to\n compare strings.\n* `neq(v1, v2)`: `v1 != v2` The opposite of `eq`.\n* `cmp(v1, comparator, v2)`: Pass in a comparison string, and it'll call\n the corresponding function above. `\"===\"` and `\"!==\"` do simple\n string comparison, but are included for completeness. Throws if an\n invalid comparison string is provided.\n* `compare(v1, v2)`: Return `0` if `v1 == v2`, or `1` if `v1` is greater, or `-1` if\n `v2` is greater. Sorts in ascending order if passed to `Array.sort()`.\n* `rcompare(v1, v2)`: The reverse of compare. Sorts an array of versions\n in descending order when passed to `Array.sort()`.\n* `diff(v1, v2)`: Returns difference between two versions by the release type\n (`major`, `premajor`, `minor`, `preminor`, `patch`, `prepatch`, or `prerelease`),\n or null if the versions are the same.\n\n\n### Ranges\n\n* `validRange(range)`: Return the valid range or null if it's not valid\n* `satisfies(version, range)`: Return true if the version satisfies the\n range.\n* `maxSatisfying(versions, range)`: Return the highest version in the list\n that satisfies the range, or `null` if none of them do.\n* `gtr(version, range)`: Return `true` if version is greater than all the\n versions possible in the range.\n* `ltr(version, range)`: Return `true` if version is less than all the\n versions possible in the range.\n* `outside(version, range, hilo)`: Return true if the version is outside\n the bounds of the range in either the high or low direction. The\n `hilo` argument must be either the string `'>'` or `'<'`. (This is\n the function called by `gtr` and `ltr`.)\n\nNote that, since ranges may be non-contiguous, a version might not be\ngreater than a range, less than a range, *or* satisfy a range! For\nexample, the range `1.2 <1.2.9 || >2.0.0` would have a hole from `1.2.9`\nuntil `2.0.0`, so the version `1.2.10` would not be greater than the\nrange (because `2.0.1` satisfies, which is higher), nor less than the\nrange (since `1.2.8` satisfies, which is lower), and it also does not\nsatisfy the range.\n\nIf you want to know if a version satisfies or does not satisfy a\nrange, use the `satisfies(version, range)` function.\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/semver", + "error": "[Circular]", + "extraneous": false + }, + "validate-npm-package-license": { + "_args": [ + [ + "validate-npm-package-license@^3.0.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/normalize-package-data" + ], + [ + "validate-npm-package-license@3.0.1", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "validate-npm-package-license@>=3.0.1 <4.0.0", + "_id": "validate-npm-package-license@3.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/validate-npm-package-license", + "_nodeVersion": "0.12.7", + "_npmUser": { + "email": "kyle@kemitchell.com", + "name": "kemitchell" + }, + "_npmVersion": "2.13.5", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "validate-npm-package-license@3.0.1", + "name": "validate-npm-package-license", + "escapedName": "validate-npm-package-license", + "rawSpec": "3.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "3.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/normalize-package-data" + ], + "_resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz", + "_shasum": "2804babe712ad3379459acfbe24746ab2c303fbc", + "_shrinkwrap": "[Circular]", + "_spec": "3.0.1", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Kyle E. Mitchell", + "email": "kyle@kemitchell.com", + "url": "https://kemitchell.com" + }, + "bugs": { + "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues" + }, + "dependencies": { + "spdx-correct": { + "_args": [ + [ + "spdx-correct@~1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/validate-npm-package-license" + ], + [ + "spdx-correct@1.0.2", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "spdx-correct@>=1.0.0 <1.1.0", + "_id": "spdx-correct@1.0.2", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/spdx-correct", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "kyle@kemitchell.com", + "name": "kemitchell" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "spdx-correct@1.0.2", + "name": "spdx-correct", + "escapedName": "spdx-correct", + "rawSpec": "1.0.2", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.2" + }, + "_requiredBy": [ + "/bundle-dependencies/validate-npm-package-license" + ], + "_resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-1.0.2.tgz", + "_shasum": "4b3073d933ff51f3912f03ac5519498a4150db40", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.2", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Kyle E. Mitchell", + "email": "kyle@kemitchell.com", + "url": "https://kemitchell.com" + }, + "bugs": { + "url": "https://github.com/kemitchell/spdx-correct.js/issues" + }, + "dependencies": { + "spdx-license-ids": { + "_args": [ + [ + "spdx-license-ids@^1.0.2", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/spdx-correct" + ], + [ + "spdx-license-ids@1.2.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "spdx-license-ids@>=1.0.2 <2.0.0", + "_id": "spdx-license-ids@1.2.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/spdx-license-ids", + "_nodeVersion": "5.4.0", + "_npmUser": { + "email": "snnskwtnb@gmail.com", + "name": "shinnn" + }, + "_npmVersion": "3.5.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "spdx-license-ids@1.2.0", + "name": "spdx-license-ids", + "escapedName": "spdx-license-ids", + "rawSpec": "1.2.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.2.0" + }, + "_requiredBy": [ + "/bundle-dependencies/spdx-correct", + "/bundle-dependencies/spdx-expression-parse" + ], + "_resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-1.2.0.tgz", + "_shasum": "b549dd0f63dcb745a17e2ea3a07402e0e332d1e2", + "_shrinkwrap": "[Circular]", + "_spec": "1.2.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Shinnosuke Watanabe", + "url": "https://github.com/shinnn" + }, + "bugs": { + "url": "https://github.com/shinnn/spdx-license-ids/issues" + }, + "dependencies": {}, + "description": "A list of SPDX license identifiers", + "devDependencies": { + "@shinnn/eslintrc": "^1.0.0", + "each-async": "^1.1.1", + "eslint": "^0.24.0", + "got": "^3.3.0", + "istanbul": "^0.3.17", + "require-bower-files": "^2.0.0", + "rimraf": "^2.4.1", + "stringify-object": "^2.2.0", + "tape": "^4.0.0" + }, + "directories": {}, + "dist": { + "shasum": "b549dd0f63dcb745a17e2ea3a07402e0e332d1e2", + "tarball": "http://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-1.2.0.tgz" + }, + "files": [ + "spdx-license-ids.json" + ], + "gitHead": "f74a7a16ca05540e0e97f1bbb61da07829b5d9ab", + "homepage": "https://github.com/shinnn/spdx-license-ids#readme", + "keywords": [ + "spdx", + "license", + "licenses", + "id", + "identifier", + "identifiers", + "json", + "array", + "oss", + "browser", + "client-side" + ], + "license": "Unlicense", + "main": "spdx-license-ids.json", + "maintainers": [ + { + "name": "shinnn", + "email": "snnskwtnb@gmail.com" + } + ], + "name": "spdx-license-ids", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/shinnn/spdx-license-ids.git" + }, + "scripts": { + "build": "node --harmony_arrow_functions build.js", + "coverage": "node --harmony_arrow_functions node_modules/.bin/istanbul cover test.js", + "coveralls": "${npm_package_scripts_coverage} && istanbul-coveralls", + "lint": "eslint --config node_modules/@shinnn/eslintrc/rc.json --ignore-path .gitignore .", + "pretest": "${npm_package_scripts_build} && ${npm_package_scripts_lint}", + "test": "node --harmony_arrow_functions test.js" + }, + "version": "1.2.0", + "readme": "# spdx-license-ids\n\nA list of [SPDX license](https://spdx.org/licenses/) identifiers\n\n[**Download JSON**](https://raw.githubusercontent.com/shinnn/spdx-license-ids/master/spdx-license-ids.json)\n\n## Use as a JavaScript Library\n\n[![NPM version](https://img.shields.io/npm/v/spdx-license-ids.svg)](https://www.npmjs.org/package/spdx-license-ids)\n[![Bower version](https://img.shields.io/bower/v/spdx-license-ids.svg)](https://github.com/shinnn/spdx-license-ids/releases)\n[![Build Status](https://travis-ci.org/shinnn/spdx-license-ids.svg?branch=master)](https://travis-ci.org/shinnn/spdx-license-ids)\n[![Coverage Status](https://img.shields.io/coveralls/shinnn/spdx-license-ids.svg)](https://coveralls.io/r/shinnn/spdx-license-ids)\n[![devDependency Status](https://david-dm.org/shinnn/spdx-license-ids/dev-status.svg)](https://david-dm.org/shinnn/spdx-license-ids#info=devDependencies)\n\n### Installation\n\n#### Package managers\n\n##### [npm](https://www.npmjs.com/)\n\n```sh\nnpm install spdx-license-ids\n```\n\n##### [bower](http://bower.io/)\n\n```sh\nbower install spdx-license-ids\n```\n\n##### [Duo](http://duojs.org/)\n\n```javascript\nconst spdxLicenseIds = require('shinnn/spdx-license-ids');\n```\n\n#### Standalone\n\n[Download the script file directly.](https://raw.githubusercontent.com/shinnn/spdx-license-ids/master/spdx-license-ids-browser.js)\n\n### API\n\n#### spdxLicenseIds\n\nType: `Array` of `String`\n\nIt returns an array of SPDX license identifiers.\n\n```javascript\nconst spdxLicenseIds = require('spdx-license-ids'); //=> ['Glide', 'Abstyles', 'AFL-1.1', ... ]\n```\n\n## License\n\n[The Unlicense](./LICENSE).\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "correct invalid SPDX identifiers", + "devDependencies": { + "defence-cli": "^1.0.1", + "replace-require-self": "^1.0.0", + "spdx-expression-parse": "^1.0.0", + "tape": "~4.0.0" + }, + "directories": {}, + "dist": { + "shasum": "4b3073d933ff51f3912f03ac5519498a4150db40", + "tarball": "http://registry.npmjs.org/spdx-correct/-/spdx-correct-1.0.2.tgz" + }, + "gitHead": "8430a3ad521e1455208db33faafcb79c7b074236", + "homepage": "https://github.com/kemitchell/spdx-correct.js#readme", + "keywords": [ + "SPDX", + "law", + "legal", + "license", + "metadata" + ], + "license": "Apache-2.0", + "maintainers": [ + { + "name": "kemitchell", + "email": "kyle@kemitchell.com" + }, + { + "name": "othiym23", + "email": "ogd@aoaioxxysz.net" + } + ], + "name": "spdx-correct", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/kemitchell/spdx-correct.js.git" + }, + "scripts": { + "test": "defence README.md | replace-require-self | node && tape *.test.js" + }, + "version": "1.0.2", + "readme": "```javascript\nvar correct = require('spdx-correct');\nvar assert = require('assert');\n\nassert.equal(correct('mit'), 'MIT')\n\nassert.equal(correct('Apache 2'), 'Apache-2.0')\n\nassert(correct('No idea what license') === null)\n```\n", + "readmeFilename": "README.md", + "_dependencies": { + "spdx-license-ids": "^1.0.2" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-correct", + "error": "[Circular]", + "extraneous": false + }, + "spdx-expression-parse": { + "_args": [ + [ + "spdx-expression-parse@~1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/validate-npm-package-license" + ], + [ + "spdx-expression-parse@1.0.2", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "spdx-expression-parse@>=1.0.0 <1.1.0", + "_id": "spdx-expression-parse@1.0.2", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/spdx-expression-parse", + "_nodeVersion": "5.0.0", + "_npmUser": { + "email": "kyle@kemitchell.com", + "name": "kemitchell" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "spdx-expression-parse@1.0.2", + "name": "spdx-expression-parse", + "escapedName": "spdx-expression-parse", + "rawSpec": "1.0.2", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.2" + }, + "_requiredBy": [ + "/bundle-dependencies/validate-npm-package-license" + ], + "_resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-1.0.2.tgz", + "_shasum": "d52b14b5e9670771440af225bcb563122ac452f6", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.2", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Kyle E. Mitchell", + "email": "kyle@kemitchell.com", + "url": "http://kemitchell.com" + }, + "bugs": { + "url": "https://github.com/kemitchell/spdx-expression-parse.js/issues" + }, + "dependencies": { + "spdx-exceptions": { + "_args": [ + [ + "spdx-exceptions@^1.0.4", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/spdx-expression-parse" + ], + [ + "spdx-exceptions@1.0.4", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "spdx-exceptions@>=1.0.4 <2.0.0", + "_id": "spdx-exceptions@1.0.4", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/spdx-exceptions", + "_nodeVersion": "5.0.0", + "_npmUser": { + "email": "kyle@kemitchell.com", + "name": "kemitchell" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "spdx-exceptions@1.0.4", + "name": "spdx-exceptions", + "escapedName": "spdx-exceptions", + "rawSpec": "1.0.4", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.4" + }, + "_requiredBy": [ + "/bundle-dependencies/spdx-expression-parse" + ], + "_resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-1.0.4.tgz", + "_shasum": "220b84239119ae9045a892db81a83f4ce16f80fd", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.4", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "The Linux Foundation" + }, + "bugs": { + "url": "https://github.com/kemitchell/spdx-exceptions.json/issues" + }, + "contributors": [ + { + "name": "Kyle E. Mitchell", + "email": "kyle@kemitchell.com", + "url": "https://kemitchell.com/" + } + ], + "dependencies": {}, + "description": "list of SPDX standard license exceptions", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "220b84239119ae9045a892db81a83f4ce16f80fd", + "tarball": "http://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-1.0.4.tgz" + }, + "gitHead": "770316d6c946417ab6efa8533b82d0b61779092b", + "homepage": "https://github.com/kemitchell/spdx-exceptions.json#readme", + "license": "CC-BY-3.0", + "maintainers": [ + { + "name": "kemitchell", + "email": "kyle@kemitchell.com" + } + ], + "name": "spdx-exceptions", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/kemitchell/spdx-exceptions.json.git" + }, + "scripts": {}, + "version": "1.0.4", + "readme": "The package exports an array of strings.\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-exceptions", + "error": "[Circular]", + "extraneous": false + }, + "spdx-license-ids": { + "_args": "[Circular]", + "_from": "spdx-license-ids@>=1.0.2 <2.0.0", + "_id": "spdx-license-ids@1.2.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/spdx-license-ids", + "_nodeVersion": "5.4.0", + "_npmUser": "[Circular]", + "_npmVersion": "3.5.2", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "spdx-license-ids@1.2.0", + "name": "spdx-license-ids", + "escapedName": "spdx-license-ids", + "rawSpec": "1.2.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.2.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-1.2.0.tgz", + "_shasum": "b549dd0f63dcb745a17e2ea3a07402e0e332d1e2", + "_shrinkwrap": "[Circular]", + "_spec": "1.2.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "A list of SPDX license identifiers", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "files": "[Circular]", + "gitHead": "f74a7a16ca05540e0e97f1bbb61da07829b5d9ab", + "homepage": "https://github.com/shinnn/spdx-license-ids#readme", + "keywords": "[Circular]", + "license": "Unlicense", + "main": "spdx-license-ids.json", + "maintainers": "[Circular]", + "name": "spdx-license-ids", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.2.0", + "readme": "# spdx-license-ids\n\nA list of [SPDX license](https://spdx.org/licenses/) identifiers\n\n[**Download JSON**](https://raw.githubusercontent.com/shinnn/spdx-license-ids/master/spdx-license-ids.json)\n\n## Use as a JavaScript Library\n\n[![NPM version](https://img.shields.io/npm/v/spdx-license-ids.svg)](https://www.npmjs.org/package/spdx-license-ids)\n[![Bower version](https://img.shields.io/bower/v/spdx-license-ids.svg)](https://github.com/shinnn/spdx-license-ids/releases)\n[![Build Status](https://travis-ci.org/shinnn/spdx-license-ids.svg?branch=master)](https://travis-ci.org/shinnn/spdx-license-ids)\n[![Coverage Status](https://img.shields.io/coveralls/shinnn/spdx-license-ids.svg)](https://coveralls.io/r/shinnn/spdx-license-ids)\n[![devDependency Status](https://david-dm.org/shinnn/spdx-license-ids/dev-status.svg)](https://david-dm.org/shinnn/spdx-license-ids#info=devDependencies)\n\n### Installation\n\n#### Package managers\n\n##### [npm](https://www.npmjs.com/)\n\n```sh\nnpm install spdx-license-ids\n```\n\n##### [bower](http://bower.io/)\n\n```sh\nbower install spdx-license-ids\n```\n\n##### [Duo](http://duojs.org/)\n\n```javascript\nconst spdxLicenseIds = require('shinnn/spdx-license-ids');\n```\n\n#### Standalone\n\n[Download the script file directly.](https://raw.githubusercontent.com/shinnn/spdx-license-ids/master/spdx-license-ids-browser.js)\n\n### API\n\n#### spdxLicenseIds\n\nType: `Array` of `String`\n\nIt returns an array of SPDX license identifiers.\n\n```javascript\nconst spdxLicenseIds = require('spdx-license-ids'); //=> ['Glide', 'Abstyles', 'AFL-1.1', ... ]\n```\n\n## License\n\n[The Unlicense](./LICENSE).\n", + "readmeFilename": "README.md", + "_dependencies": "[Circular]", + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/spdx-license-ids" + } + }, + "description": "parse SPDX license expressions", + "devDependencies": { + "defence-cli": "^1.0.1", + "jison": "^0.4.15", + "replace-require-self": "^1.0.0", + "uglify-js": "^2.4.24" + }, + "directories": {}, + "dist": { + "shasum": "d52b14b5e9670771440af225bcb563122ac452f6", + "tarball": "http://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-1.0.2.tgz" + }, + "gitHead": "ffe2fa7272ebf640b18286fc561f17a844d4f06b", + "homepage": "https://github.com/kemitchell/spdx-expression-parse.js#readme", + "keywords": [ + "SPDX", + "law", + "legal", + "license", + "metadata", + "package", + "package.json", + "standards" + ], + "license": "(MIT AND CC-BY-3.0)", + "maintainers": [ + { + "name": "kemitchell", + "email": "kyle@kemitchell.com" + } + ], + "name": "spdx-expression-parse", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/kemitchell/spdx-expression-parse.js.git" + }, + "scripts": { + "prepublish": "node generate-parser.js | uglifyjs > parser.generated.js", + "pretest": "npm run prepublish", + "test": "defence -i javascript README.md | replace-require-self | node" + }, + "version": "1.0.2", + "readme": "```javascript\nvar parse = require('spdx-expression-parse')\nvar assert = require('assert')\n\nvar firstAST = {\n left: { license: 'LGPL-2.1' },\n conjunction: 'or',\n right: {\n left: { license: 'BSD-3-Clause' },\n conjunction: 'and',\n right: { license: 'MIT' } } }\n\nassert.deepEqual(\n parse('(LGPL-2.1 OR BSD-3-Clause AND MIT)'),\n firstAST)\n\nvar secondAST = {\n left: { license: 'MIT' },\n conjunction: 'and',\n right: {\n left: {\n\t license: 'LGPL-2.1',\n\t plus: true },\n conjunction: 'and',\n right: { license: 'BSD-3-Clause' } } }\n\nassert.deepEqual(\n parse('(MIT AND (LGPL-2.1+ AND BSD-3-Clause))'),\n secondAST)\n\n// We handle all the bare SPDX license and exception ids as well.\nrequire('spdx-license-ids').forEach(function(id) {\n assert.deepEqual(\n parse(id),\n { license: id })\n require('spdx-exceptions').forEach(function(e) {\n assert.deepEqual(\n parse(id + ' WITH ' + e),\n { license: id, exception: e }) }) })\n```\n\n---\n\n[The Software Package Data Exchange (SPDX) specification](http://spdx.org) is the work of the [Linux Foundation](http://www.linuxfoundation.org) and its contributors, and is licensed under the terms of [the Creative Commons Attribution License 3.0 Unported (SPDX: \"CC-BY-3.0\")](http://spdx.org/licenses/CC-BY-3.0). \"SPDX\" is a United States federally registered trademark of the Linux Foundation.\n", + "readmeFilename": "README.md", + "_dependencies": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-expression-parse", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Give me a string and I'll tell you if it's a valid npm package license string", + "devDependencies": { + "defence-cli": "^1.0.1", + "replace-require-self": "^1.0.0" + }, + "directories": {}, + "dist": { + "shasum": "2804babe712ad3379459acfbe24746ab2c303fbc", + "tarball": "http://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz" + }, + "gitHead": "00200d28f9960985f221bc1a8a71e4760daf39bf", + "homepage": "https://github.com/kemitchell/validate-npm-package-license.js#readme", + "keywords": [ + "license", + "npm", + "package", + "validation" + ], + "license": "Apache-2.0", + "maintainers": [ + { + "name": "kemitchell", + "email": "kyle@kemitchell.com" + }, + { + "name": "othiym23", + "email": "ogd@aoaioxxysz.net" + } + ], + "name": "validate-npm-package-license", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/kemitchell/validate-npm-package-license.js.git" + }, + "scripts": { + "test": "defence README.md | replace-require-self | node" + }, + "version": "3.0.1", + "readme": "validate-npm-package-license\n============================\n\nGive me a string and I'll tell you if it's a valid npm package license string.\n\n```javascript\nvar valid = require('validate-npm-package-license');\n```\n\nSPDX license identifiers are valid license strings:\n\n```javascript\n\nvar assert = require('assert');\nvar validSPDXExpression = {\n validForNewPackages: true,\n validForOldPackages: true,\n spdx: true\n};\n\nassert.deepEqual(valid('MIT'), validSPDXExpression);\nassert.deepEqual(valid('BSD-2-Clause'), validSPDXExpression);\nassert.deepEqual(valid('Apache-2.0'), validSPDXExpression);\nassert.deepEqual(valid('ISC'), validSPDXExpression);\n```\nThe function will return a warning and suggestion for nearly-correct license identifiers:\n\n```javascript\nassert.deepEqual(\n valid('Apache 2.0'),\n {\n validForOldPackages: false,\n validForNewPackages: false,\n warnings: [\n 'license should be ' +\n 'a valid SPDX license expression (without \"LicenseRef\"), ' +\n '\"UNLICENSED\", or ' +\n '\"SEE LICENSE IN \"',\n 'license is similar to the valid expression \"Apache-2.0\"'\n ]\n }\n);\n```\n\nSPDX expressions are valid, too ...\n\n```javascript\n// Simple SPDX license expression for dual licensing\nassert.deepEqual(\n valid('(GPL-3.0 OR BSD-2-Clause)'),\n validSPDXExpression\n);\n```\n\n... except if they contain `LicenseRef`:\n\n```javascript\nvar warningAboutLicenseRef = {\n validForOldPackages: false,\n validForNewPackages: false,\n spdx: true,\n warnings: [\n 'license should be ' +\n 'a valid SPDX license expression (without \"LicenseRef\"), ' +\n '\"UNLICENSED\", or ' +\n '\"SEE LICENSE IN \"',\n ]\n};\n\nassert.deepEqual(\n valid('LicenseRef-Made-Up'),\n warningAboutLicenseRef\n);\n\nassert.deepEqual(\n valid('(MIT OR LicenseRef-Made-Up)'),\n warningAboutLicenseRef\n);\n```\n\nIf you can't describe your licensing terms with standardized SPDX identifiers, put the terms in a file in the package and point users there:\n\n```javascript\nassert.deepEqual(\n valid('SEE LICENSE IN LICENSE.txt'),\n {\n validForNewPackages: true,\n validForOldPackages: true,\n inFile: 'LICENSE.txt'\n }\n);\n\nassert.deepEqual(\n valid('SEE LICENSE IN license.md'),\n {\n validForNewPackages: true,\n validForOldPackages: true,\n inFile: 'license.md'\n }\n);\n```\n\nIf there aren't any licensing terms, use `UNLICENSED`:\n\n```javascript\nvar unlicensed = {\n validForNewPackages: true,\n validForOldPackages: true,\n unlicensed: true\n};\nassert.deepEqual(valid('UNLICENSED'), unlicensed);\nassert.deepEqual(valid('UNLICENCED'), unlicensed);\n```\n", + "readmeFilename": "README.md", + "_dependencies": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/validate-npm-package-license", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Normalizes data that can be found in package.json files.", + "devDependencies": { + "async": "^1.5.0", + "tap": "^2.2.0", + "underscore": "^1.8.3" + }, + "directories": {}, + "dist": { + "shasum": "8d924f142960e1777e7ffe170543631cc7cb02df", + "tarball": "http://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.3.5.tgz" + }, + "gitHead": "3dc7756af20b3b1b24c6d75302448ca3659e0a65", + "homepage": "https://github.com/npm/normalize-package-data#readme", + "license": "BSD-2-Clause", + "main": "lib/normalize.js", + "maintainers": [ + { + "name": "iarna", + "email": "me@re-becca.org" + }, + { + "name": "isaacs", + "email": "isaacs@npmjs.com" + }, + { + "name": "meryn", + "email": "merynstol@gmail.com" + }, + { + "name": "othiym23", + "email": "ogd@aoaioxxysz.net" + }, + { + "name": "zkat", + "email": "kat@sykosomatic.org" + } + ], + "name": "normalize-package-data", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git://github.com/npm/normalize-package-data.git" + }, + "scripts": { + "test": "tap test/*.js" + }, + "version": "2.3.5", + "readme": "# normalize-package-data [![Build Status](https://travis-ci.org/npm/normalize-package-data.png?branch=master)](https://travis-ci.org/npm/normalize-package-data)\n\nnormalize-package data exports a function that normalizes package metadata. This data is typically found in a package.json file, but in principle could come from any source - for example the npm registry.\n\nnormalize-package-data is used by [read-package-json](https://npmjs.org/package/read-package-json) to normalize the data it reads from a package.json file. In turn, read-package-json is used by [npm](https://npmjs.org/package/npm) and various npm-related tools.\n\n## Installation\n\n```\nnpm install normalize-package-data\n```\n\n## Usage\n\nBasic usage is really simple. You call the function that normalize-package-data exports. Let's call it `normalizeData`.\n\n```javascript\nnormalizeData = require('normalize-package-data')\npackageData = fs.readFileSync(\"package.json\")\nnormalizeData(packageData)\n// packageData is now normalized\n```\n\n#### Strict mode\n\nYou may activate strict validation by passing true as the second argument.\n\n```javascript\nnormalizeData = require('normalize-package-data')\npackageData = fs.readFileSync(\"package.json\")\nwarnFn = function(msg) { console.error(msg) }\nnormalizeData(packageData, true)\n// packageData is now normalized\n```\n\nIf strict mode is activated, only Semver 2.0 version strings are accepted. Otherwise, Semver 1.0 strings are accepted as well. Packages must have a name, and the name field must not have contain leading or trailing whitespace.\n\n#### Warnings\n\nOptionally, you may pass a \"warning\" function. It gets called whenever the `normalizeData` function encounters something that doesn't look right. It indicates less than perfect input data.\n\n```javascript\nnormalizeData = require('normalize-package-data')\npackageData = fs.readFileSync(\"package.json\")\nwarnFn = function(msg) { console.error(msg) }\nnormalizeData(packageData, warnFn)\n// packageData is now normalized. Any number of warnings may have been logged.\n```\n\nYou may combine strict validation with warnings by passing `true` as the second argument, and `warnFn` as third.\n\nWhen `private` field is set to `true`, warnings will be suppressed.\n\n### Potential exceptions\n\nIf the supplied data has an invalid name or version vield, `normalizeData` will throw an error. Depending on where you call `normalizeData`, you may want to catch these errors so can pass them to a callback.\n\n## What normalization (currently) entails\n\n* The value of `name` field gets trimmed (unless in strict mode).\n* The value of the `version` field gets cleaned by `semver.clean`. See [documentation for the semver module](https://github.com/isaacs/node-semver).\n* If `name` and/or `version` fields are missing, they are set to empty strings.\n* If `files` field is not an array, it will be removed.\n* If `bin` field is a string, then `bin` field will become an object with `name` set to the value of the `name` field, and `bin` set to the original string value.\n* If `man` field is a string, it will become an array with the original string as its sole member.\n* If `keywords` field is string, it is considered to be a list of keywords separated by one or more white-space characters. It gets converted to an array by splitting on `\\s+`.\n* All people fields (`author`, `maintainers`, `contributors`) get converted into objects with name, email and url properties.\n* If `bundledDependencies` field (a typo) exists and `bundleDependencies` field does not, `bundledDependencies` will get renamed to `bundleDependencies`.\n* If the value of any of the dependencies fields (`dependencies`, `devDependencies`, `optionalDependencies`) is a string, it gets converted into an object with familiar `name=>value` pairs.\n* The values in `optionalDependencies` get added to `dependencies`. The `optionalDependencies` array is left untouched.\n* As of v2: Dependencies that point at known hosted git providers (currently: github, bitbucket, gitlab) will have their URLs canonicalized, but protocols will be preserved.\n* As of v2: Dependencies that use shortcuts for hosted git providers (`org/proj`, `github:org/proj`, `bitbucket:org/proj`, `gitlab:org/proj`, `gist:docid`) will have the shortcut left in place. (In the case of github, the `org/proj` form will be expanded to `github:org/proj`.) THIS MARKS A BREAKING CHANGE FROM V1, where the shorcut was previously expanded to a URL.\n* If `description` field does not exist, but `readme` field does, then (more or less) the first paragraph of text that's found in the readme is taken as value for `description`.\n* If `repository` field is a string, it will become an object with `url` set to the original string value, and `type` set to `\"git\"`.\n* If `repository.url` is not a valid url, but in the style of \"[owner-name]/[repo-name]\", `repository.url` will be set to git+https://github.com/[owner-name]/[repo-name].git\n* If `bugs` field is a string, the value of `bugs` field is changed into an object with `url` set to the original string value.\n* If `bugs` field does not exist, but `repository` field points to a repository hosted on GitHub, the value of the `bugs` field gets set to an url in the form of https://github.com/[owner-name]/[repo-name]/issues . If the repository field points to a GitHub Gist repo url, the associated http url is chosen.\n* If `bugs` field is an object, the resulting value only has email and url properties. If email and url properties are not strings, they are ignored. If no valid values for either email or url is found, bugs field will be removed.\n* If `homepage` field is not a string, it will be removed.\n* If the url in the `homepage` field does not specify a protocol, then http is assumed. For example, `myproject.org` will be changed to `http://myproject.org`.\n* If `homepage` field does not exist, but `repository` field points to a repository hosted on GitHub, the value of the `homepage` field gets set to an url in the form of https://github.com/[owner-name]/[repo-name]/ . If the repository field points to a GitHub Gist repo url, the associated http url is chosen.\n\n### Rules for name field\n\nIf `name` field is given, the value of the name field must be a string. The string may not:\n\n* start with a period.\n* contain the following characters: `/@\\s+%`\n* contain and characters that would need to be encoded for use in urls.\n* resemble the word `node_modules` or `favicon.ico` (case doesn't matter).\n\n### Rules for version field\n\nIf `version` field is given, the value of the version field must be a valid *semver* string, as determined by the `semver.valid` method. See [documentation for the semver module](https://github.com/isaacs/node-semver).\n\n### Rules for license field\n\nThe `license` field should be a valid *SPDX license expression* or one of the special values allowed by [validate-npm-package-license](https://npmjs.com/packages/validate-npm-package-license). See [documentation for the license field in package.json](https://docs.npmjs.com/files/package.json#license).\n\n## Credits\n\nThis package contains code based on read-package-json written by Isaac Z. Schlueter. Used with permisson.\n\n## License\n\nnormalize-package-data is released under the [BSD 2-Clause License](http://opensource.org/licenses/MIT). \nCopyright (c) 2013 Meryn Stol \n", + "readmeFilename": "README.md", + "_dependencies": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/normalize-package-data", + "error": "[Circular]", + "extraneous": false + }, + "path-type": { + "_args": [ + [ + "path-type@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/read-pkg" + ], + [ + "path-type@1.1.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "path-type@>=1.0.0 <2.0.0", + "_id": "path-type@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/path-type", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "path-type@1.1.0", + "name": "path-type", + "escapedName": "path-type", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/read-pkg" + ], + "_resolved": "https://registry.npmjs.org/path-type/-/path-type-1.1.0.tgz", + "_shasum": "59c44f7ee491da704da415da5a4070ba4f8fe441", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/path-type/issues" + }, + "dependencies": { + "graceful-fs": { + "_args": "[Circular]", + "_from": "graceful-fs@>=4.1.2 <5.0.0", + "_id": "graceful-fs@4.1.3", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/graceful-fs", + "_nodeVersion": "4.0.0", + "_npmOperationalInternal": "[Circular]", + "_npmUser": "[Circular]", + "_npmVersion": "3.7.0", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "graceful-fs@4.1.3", + "name": "graceful-fs", + "escapedName": "graceful-fs", + "rawSpec": "4.1.3", + "saveSpec": "[Circular]", + "fetchSpec": "4.1.3" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.3.tgz", + "_shasum": "92033ce11113c41e2628d61fdfa40bc10dc0155c", + "_shrinkwrap": "[Circular]", + "_spec": "4.1.3", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "bugs": "[Circular]", + "dependencies": {}, + "description": "A drop-in replacement for fs, making various improvements.", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "694c56f3aed4aee62d6df169be123d3984f61b85", + "homepage": "https://github.com/isaacs/node-graceful-fs#readme", + "keywords": "[Circular]", + "license": "ISC", + "main": "graceful-fs.js", + "maintainers": "[Circular]", + "name": "graceful-fs", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "4.1.3", + "readme": "# graceful-fs\n\ngraceful-fs functions as a drop-in replacement for the fs module,\nmaking various improvements.\n\nThe improvements are meant to normalize behavior across different\nplatforms and environments, and to make filesystem access more\nresilient to errors.\n\n## Improvements over [fs module](http://api.nodejs.org/fs.html)\n\ngraceful-fs:\n\n* Queues up `open` and `readdir` calls, and retries them once\n something closes if there is an EMFILE error from too many file\n descriptors.\n* fixes `lchmod` for Node versions prior to 0.6.2.\n* implements `fs.lutimes` if possible. Otherwise it becomes a noop.\n* ignores `EINVAL` and `EPERM` errors in `chown`, `fchown` or\n `lchown` if the user isn't root.\n* makes `lchmod` and `lchown` become noops, if not available.\n* retries reading a file if `read` results in EAGAIN error.\n\nOn Windows, it retries renaming a file for up to one second if `EACCESS`\nor `EPERM` error occurs, likely because antivirus software has locked\nthe directory.\n\n## USAGE\n\n```javascript\n// use just like fs\nvar fs = require('graceful-fs')\n\n// now go and do stuff with it...\nfs.readFileSync('some-file-or-whatever')\n```\n\n## Global Patching\n\nIf you want to patch the global fs module (or any other fs-like\nmodule) you can do this:\n\n```javascript\n// Make sure to read the caveat below.\nvar realFs = require('fs')\nvar gracefulFs = require('graceful-fs')\ngracefulFs.gracefulify(realFs)\n```\n\nThis should only ever be done at the top-level application layer, in\norder to delay on EMFILE errors from any fs-using dependencies. You\nshould **not** do this in a library, because it can cause unexpected\ndelays in other parts of the program.\n", + "readmeFilename": "README.md", + "_dependencies": "[Circular]", + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/graceful-fs" + }, + "pify": { + "_args": "[Circular]", + "_from": "pify@>=2.0.0 <3.0.0", + "_id": "pify@2.3.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pify", + "_nodeVersion": "4.2.1", + "_npmUser": "[Circular]", + "_npmVersion": "2.14.7", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "pify@2.3.0", + "name": "pify", + "escapedName": "pify", + "rawSpec": "2.3.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.3.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "_shasum": "ed141a6ac043a849ea588498e7dca8b15330e90c", + "_shrinkwrap": "[Circular]", + "_spec": "2.3.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Promisify a callback-style function", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "2dd0d8b880e4ebcc5cc33ae126b02647418e4440", + "homepage": "https://github.com/sindresorhus/pify", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "pify", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "2.3.0", + "readme": "# pify [![Build Status](https://travis-ci.org/sindresorhus/pify.svg?branch=master)](https://travis-ci.org/sindresorhus/pify)\n\n> Promisify a callback-style function\n\n\n## Install\n\n```\n$ npm install --save pify\n```\n\n\n## Usage\n\n```js\nconst fs = require('fs');\nconst pify = require('pify');\n\n// promisify a single function\n\npify(fs.readFile)('package.json', 'utf8').then(data => {\n\tconsole.log(JSON.parse(data).name);\n\t//=> 'pify'\n});\n\n// or promisify all methods in a module\n\npify(fs).readFile('package.json', 'utf8').then(data => {\n\tconsole.log(JSON.parse(data).name);\n\t//=> 'pify'\n});\n```\n\n\n## API\n\n### pify(input, [promiseModule], [options])\n\nReturns a promise wrapped version of the supplied function or module.\n\n#### input\n\nType: `function`, `object`\n\nCallback-style function or module whose methods you want to promisify.\n\n#### promiseModule\n\nType: `function`\n\nCustom promise module to use instead of the native one.\n\nCheck out [`pinkie-promise`](https://github.com/floatdrop/pinkie-promise) if you need a tiny promise polyfill.\n\n#### options\n\n##### multiArgs\n\nType: `boolean` \nDefault: `false`\n\nBy default, the promisified function will only return the second argument from the callback, which works fine for most APIs. This option can be useful for modules like `request` that return multiple arguments. Turning this on will make it return an array of all arguments from the callback, excluding the error argument, instead of just the second argument.\n\n```js\nconst request = require('request');\nconst pify = require('pify');\n\npify(request, {multiArgs: true})('https://sindresorhus.com').then(result => {\n\tconst [httpResponse, body] = result;\n});\n```\n\n##### include\n\nType: `array` of (`string`|`regex`)\n\nMethods in a module to promisify. Remaining methods will be left untouched.\n\n##### exclude\n\nType: `array` of (`string`|`regex`) \nDefault: `[/.+Sync$/]`\n\nMethods in a module **not** to promisify. Methods with names ending with `'Sync'` are excluded by default.\n\n##### excludeMain\n\nType: `boolean` \nDefault: `false`\n\nBy default, if given module is a function itself, this function will be promisified. Turn this option on if you want to promisify only methods of the module.\n\n```js\nconst pify = require('pify');\n\nfunction fn() {\n\treturn true;\n}\n\nfn.method = (data, callback) => {\n\tsetImmediate(() => {\n\t\tcallback(data, null);\n\t});\n};\n\n// promisify methods but not fn()\nconst promiseFn = pify(fn, {excludeMain: true});\n\nif (promiseFn()) {\n\tpromiseFn.method('hi').then(data => {\n\t\tconsole.log(data);\n\t});\n}\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/pify" + }, + "pinkie-promise": { + "_args": "[Circular]", + "_from": "pinkie-promise@>=2.0.0 <3.0.0", + "_id": "pinkie-promise@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pinkie-promise", + "_nodeVersion": "4.2.0", + "_npmUser": "[Circular]", + "_npmVersion": "2.14.7", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "pinkie-promise@2.0.0", + "name": "pinkie-promise", + "escapedName": "pinkie-promise", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "_shasum": "4c83538de1f6e660c29e0a13446844f7a7e88259", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "ES2015 Promise ponyfill", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "f90fcae9838bcae7ae1ae4ebc9b29f11e5db4980", + "homepage": "https://github.com/floatdrop/pinkie-promise", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "pinkie-promise", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "2.0.0", + "readme": "# pinkie-promise [![Build Status](https://travis-ci.org/floatdrop/pinkie-promise.svg?branch=master)](https://travis-ci.org/floatdrop/pinkie-promise)\n\n> [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) ponyfill\n\nModule exports global Promise object (if available) or [`pinkie`](http://github.com/floatdrop/pinkie) Promise polyfill.\n\n## Install\n\n```\n$ npm install --save pinkie-promise\n```\n\n## Usage\n\n```js\nvar Promise = require('pinkie-promise');\n\nnew Promise(function (resolve) { resolve('unicorns'); });\n//=> Promise { 'unicorns' }\n```\n\n## Related\n\n- [pify](https://github.com/sindresorhus/pify) - Promisify a callback-style function\n\n## License\n\nMIT © [Vsevolod Strukchinsky](http://github.com/floatdrop)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/pinkie-promise" + } + }, + "description": "Check if a path is a file, directory, or symlink", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "59c44f7ee491da704da415da5a4070ba4f8fe441", + "tarball": "http://registry.npmjs.org/path-type/-/path-type-1.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "dff5c2a62f89efe7e0cce600bf38e76196d8b4b2", + "homepage": "https://github.com/sindresorhus/path-type", + "keywords": [ + "path", + "fs", + "type", + "is", + "check", + "directory", + "dir", + "file", + "filepath", + "symlink", + "symbolic", + "link", + "stat", + "stats", + "filesystem" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "path-type", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/path-type.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.0", + "xo": { + "ignores": [ + "test.js" + ] + }, + "readme": "# path-type [![Build Status](https://travis-ci.org/sindresorhus/path-type.svg?branch=master)](https://travis-ci.org/sindresorhus/path-type)\n\n> Check if a path is a file, directory, or symlink\n\n\n## Install\n\n```\n$ npm install --save path-type\n```\n\n\n## Usage\n\n```js\nvar pathType = require('path-type');\n\npathType.file('package.json').then(function (isFile) {\n\tconsole.log(isFile);\n\t//=> true\n})\n```\n\n\n## API\n\n### .file(path)\n### .dir(path)\n### .symlink(path)\n\nReturns a promise that resolves to a boolean of whether the path is the checked type.\n\n### .fileSync(path)\n### .dirSync(path)\n### .symlinkSync(path)\n\nReturns a boolean of whether the path is the checked type.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-type", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Read a package.json file", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28", + "tarball": "http://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "9448d32b2ebcd65fc0547def3cfe5b28ef522e68", + "homepage": "https://github.com/sindresorhus/read-pkg", + "keywords": [ + "json", + "read", + "parse", + "file", + "fs", + "graceful", + "load", + "pkg", + "package", + "normalize" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "read-pkg", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/read-pkg.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.0", + "readme": "# read-pkg [![Build Status](https://travis-ci.org/sindresorhus/read-pkg.svg?branch=master)](https://travis-ci.org/sindresorhus/read-pkg)\n\n> Read a package.json file\n\n\n## Why\n\n- [Gracefully handles filesystem issues](https://github.com/isaacs/node-graceful-fs)\n- [Strips UTF-8 BOM](https://github.com/sindresorhus/strip-bom)\n- [Throws more helpful JSON errors](https://github.com/sindresorhus/parse-json)\n- [Normalizes the data](https://github.com/npm/normalize-package-data#what-normalization-currently-entails)\n\n\n## Install\n\n```\n$ npm install --save read-pkg\n```\n\n\n## Usage\n\n```js\nvar readPkg = require('read-pkg');\n\nreadPkg().then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n\nreadPkg(__dirname).then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n\nreadPkg(path.join('unicorn', 'package.json')).then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n```\n\n\n## API\n\n### readPkg([path], [options])\n\nReturns a promise that resolves to the parsed JSON.\n\n### readPkg.sync([path], [options])\n\nReturns the parsed JSON.\n\n#### path\n\nType: `string` \nDefault: `.`\n\nPath to a `package.json` file or its directory.\n\n#### options\n\n##### normalize\n\nType: `boolean` \nDefault: `true`\n\n[Normalize](https://github.com/npm/normalize-package-data#what-normalization-currently-entails) the package data.\n\n\n## Related\n\n- [read-pkg-up](https://github.com/sindresorhus/read-pkg-up) - Read the closest package.json file\n- [write-pkg](https://github.com/sindresorhus/write-pkg) - Write a `package.json` file\n- [load-json-file](https://github.com/sindresorhus/load-json-file) - Read and parse a JSON file\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "error": "[Circular]", + "extraneous": false + }, + "symbol": { + "_args": [ + [ + "symbol@^0.2.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/pkg-conf" + ], + [ + "symbol@0.2.1", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "symbol@>=0.2.1 <0.3.0", + "_id": "symbol@0.2.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/symbol", + "_npmUser": { + "email": "sean.monstar@gmail.com", + "name": "seanmonstar" + }, + "_npmVersion": "1.3.11", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "symbol@0.2.1", + "name": "symbol", + "escapedName": "symbol", + "rawSpec": "0.2.1", + "saveSpec": "[Circular]", + "fetchSpec": "0.2.1" + }, + "_requiredBy": [ + "/bundle-dependencies/pkg-conf" + ], + "_resolved": "https://registry.npmjs.org/symbol/-/symbol-0.2.1.tgz", + "_shasum": "c2124fb7b2e3eea30e4fa824341aa789b3534c95", + "_shrinkwrap": "[Circular]", + "_spec": "0.2.1", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sean McArthur", + "email": "sean.monstar@gmail.com", + "url": "http://seanmonstar.com" + }, + "bugs": { + "url": "https://github.com/seanmonstar/symbol/issues" + }, + "dependencies": {}, + "description": "ES6 Symbols in your ES5.", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "c2124fb7b2e3eea30e4fa824341aa789b3534c95", + "tarball": "http://registry.npmjs.org/symbol/-/symbol-0.2.1.tgz" + }, + "homepage": "https://github.com/seanmonstar/symbol#readme", + "keywords": [ + "symbols", + "es6", + "harmony" + ], + "license": "MPLv2.0", + "main": "index.js", + "maintainers": [ + { + "name": "seanmonstar", + "email": "sean.monstar@gmail.com" + } + ], + "name": "symbol", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git://github.com/seanmonstar/symbol.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "0.2.1", + "readme": "# Symbols\n\n[![NPM version](https://badge.fury.io/js/symbol.png)](http://badge.fury.io/js/symbol)\n\n[ES6 Symbols](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-symbol-objects), in your ES5.\n\nIf `Symbol` is already defined, it will be used. Otherwise, this implements as much of the `Symbol` spec as is possible with plain JavaScript.\n\n## Usage\n\n```js\nvar Symbol = require('symbol');\nvar key = Symbol();\n\nvar obj = {};\nobj[key] = 'foo';\nconsole.log(obj[key]); // 'foo'\nconsole.log(Object.keys(obj)); // []\n```\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/symbol", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Get namespaced config from the closest package.json", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "a3caee3fb9c23ab4abad3baaea02f0001c75f200", + "tarball": "http://registry.npmjs.org/pkg-conf/-/pkg-conf-1.1.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "fixture": { + "foo": true + }, + "gitHead": "9bb0bb78f4e6d8b6e14e8ef28b1cfba7305341f6", + "homepage": "https://github.com/sindresorhus/pkg-conf#readme", + "keywords": [ + "json", + "read", + "parse", + "file", + "fs", + "graceful", + "load", + "pkg", + "package", + "config", + "conf", + "configuration", + "object", + "namespace", + "namespaced" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "pkg-conf", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/pkg-conf.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.1", + "readme": "# pkg-conf [![Build Status](https://travis-ci.org/sindresorhus/pkg-conf.svg?branch=master)](https://travis-ci.org/sindresorhus/pkg-conf)\n\n> Get namespaced config from the closest package.json\n\nFor example, [XO](https://github.com/sindresorhus/xo) uses the `xo` namespace in package.json and [ESLint](http://eslint.org) uses `eslintConfig`.\n\n\n## Install\n\n```\n$ npm install --save pkg-conf\n```\n\n\n## Usage\n\n```json\n{\n\t\"name\": \"some-package\",\n\t\"version\": \"1.0.0\",\n\t\"unicorn\": {\n\t\t\"rainbow\": true\n\t}\n}\n```\n\n```js\nconst pkgConf = require('pkg-conf');\n\npkgConf('unicorn').then(config => {\n\tconsole.log(config.rainbow);\n\t//=> true\n});\n```\n\n\n## API\n\nIt [walks up](https://github.com/sindresorhus/find-up) parent directories until a `package.json` can be found, reads it, and returns the user specified namespace or an empty object if not found.\n\n### pkgConf(namespace, [options])\n\nReturns a promise that resolves to the config.\n\n### pkgConf.sync(namespace, [options])\n\nReturns the config.\n\n#### namespace\n\nType: `string`\n\nThe package.json namespace you want.\n\n#### options\n\n##### cwd\n\nType: `string`
\nDefault: `process.cwd()`\n\nDirectory to start looking up for a package.json file.\n\n##### defaults\n\nType: `object`
\n\nDefault config.\n\n### pkgConf.filepath(config)\n\nPass in the `config` returned from any of the above methods.\n\nReturns the filepath to the package.json file or `null`.\n\n\n## Related\n\n- [read-pkg-up](https://github.com/sindresorhus/read-pkg-up) - Read the closest package.json file\n- [read-pkg](https://github.com/sindresorhus/read-pkg) - Read a package.json file\n- [find-up](https://github.com/sindresorhus/find-up) - Find a file by walking up parent directories\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pkg-conf", + "error": "[Circular]", + "extraneous": false + }, + "read-pkg-up": { + "_args": [ + [ + "read-pkg-up@^1.0.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "read-pkg-up@1.0.1", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "read-pkg-up@>=1.0.1 <2.0.0", + "_id": "read-pkg-up@1.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/read-pkg-up", + "_nodeVersion": "0.12.7", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "read-pkg-up@1.0.1", + "name": "read-pkg-up", + "escapedName": "read-pkg-up", + "rawSpec": "1.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-1.0.1.tgz", + "_shasum": "9d63c13276c065918d57f002a57f40a1b643fb02", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.1", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/read-pkg-up/issues" + }, + "dependencies": { + "find-up": { + "_args": "[Circular]", + "_from": "find-up@>=1.0.0 <2.0.0", + "_id": "find-up@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/find-up", + "_nodeVersion": "4.2.1", + "_npmUser": "[Circular]", + "_npmVersion": "2.14.7", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "find-up@1.1.0", + "name": "find-up", + "escapedName": "find-up", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/find-up/-/find-up-1.1.0.tgz", + "_shasum": "a63b0eec4625a2902534898a5f9eec8aaed046e9", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Find a file by walking up parent directories", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "06e9dae73659ddf2421440ca4695161c38d7d2fb", + "homepage": "https://github.com/sindresorhus/find-up", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "find-up", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.1.0", + "readme": "# find-up [![Build Status](https://travis-ci.org/sindresorhus/find-up.svg?branch=master)](https://travis-ci.org/sindresorhus/find-up)\n\n> Find a file by walking up parent directories\n\n\n## Install\n\n```\n$ npm install --save find-up\n```\n\n\n## Usage\n\n```\n/\n└── Users\n └── sindresorhus\n ├── unicorn.png\n └── foo\n └── bar\n ├── baz\n └── example.js\n```\n\n```js\n// example.js\nvar findUp = require('find-up');\n\nfindUp('unicorn.png').then(function (filepath) {\n\tconsole.log(filepath);\n\t//=> '/Users/sindresorhus/unicorn.png'\n});\n```\n\n\n## API\n\n### findUp(filename, [options])\n\nReturns a promise that resolves to a filepath or `null`.\n\n### findUp.sync(filename, [options])\n\nReturns a filepath or `null`.\n\n#### filename\n\nType: `string`\n\nFilename of the file to find.\n\n#### options\n\n##### cwd\n\nType: `string` \nDefault: `process.cwd()`\n\nDirectory to start from.\n\n\n## Related\n\n- [find-up-cli](https://github.com/sindresorhus/find-up-cli) - CLI for this module\n- [pkg-up](https://github.com/sindresorhus/pkg-up) - Find the closest package.json file\n- [pkg-dir](https://github.com/sindresorhus/pkg-dir) - Find the root directory of a npm package\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/find-up" + }, + "read-pkg": { + "_args": "[Circular]", + "_from": "read-pkg@>=1.0.0 <2.0.0", + "_id": "read-pkg@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/read-pkg", + "_nodeVersion": "3.0.0", + "_npmUser": "[Circular]", + "_npmVersion": "2.13.3", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "read-pkg@1.1.0", + "name": "read-pkg", + "escapedName": "read-pkg", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz", + "_shasum": "f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Read a package.json file", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "9448d32b2ebcd65fc0547def3cfe5b28ef522e68", + "homepage": "https://github.com/sindresorhus/read-pkg", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "read-pkg", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.1.0", + "readme": "# read-pkg [![Build Status](https://travis-ci.org/sindresorhus/read-pkg.svg?branch=master)](https://travis-ci.org/sindresorhus/read-pkg)\n\n> Read a package.json file\n\n\n## Why\n\n- [Gracefully handles filesystem issues](https://github.com/isaacs/node-graceful-fs)\n- [Strips UTF-8 BOM](https://github.com/sindresorhus/strip-bom)\n- [Throws more helpful JSON errors](https://github.com/sindresorhus/parse-json)\n- [Normalizes the data](https://github.com/npm/normalize-package-data#what-normalization-currently-entails)\n\n\n## Install\n\n```\n$ npm install --save read-pkg\n```\n\n\n## Usage\n\n```js\nvar readPkg = require('read-pkg');\n\nreadPkg().then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n\nreadPkg(__dirname).then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n\nreadPkg(path.join('unicorn', 'package.json')).then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n```\n\n\n## API\n\n### readPkg([path], [options])\n\nReturns a promise that resolves to the parsed JSON.\n\n### readPkg.sync([path], [options])\n\nReturns the parsed JSON.\n\n#### path\n\nType: `string` \nDefault: `.`\n\nPath to a `package.json` file or its directory.\n\n#### options\n\n##### normalize\n\nType: `boolean` \nDefault: `true`\n\n[Normalize](https://github.com/npm/normalize-package-data#what-normalization-currently-entails) the package data.\n\n\n## Related\n\n- [read-pkg-up](https://github.com/sindresorhus/read-pkg-up) - Read the closest package.json file\n- [write-pkg](https://github.com/sindresorhus/write-pkg) - Write a `package.json` file\n- [load-json-file](https://github.com/sindresorhus/load-json-file) - Read and parse a JSON file\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/read-pkg" + } + }, + "description": "Read the closest package.json file", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "9d63c13276c065918d57f002a57f40a1b643fb02", + "tarball": "http://registry.npmjs.org/read-pkg-up/-/read-pkg-up-1.0.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "27ec7c844b495a39eea7859c5f4d4721ebf60e8e", + "homepage": "https://github.com/sindresorhus/read-pkg-up", + "keywords": [ + "json", + "read", + "parse", + "file", + "fs", + "graceful", + "load", + "pkg", + "package", + "find", + "up", + "find-up", + "findup", + "look-up", + "look", + "file", + "search", + "match", + "package", + "resolve", + "parent", + "parents", + "folder", + "directory", + "dir", + "walk", + "walking", + "path" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "read-pkg-up", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/read-pkg-up.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.0.1", + "readme": "# read-pkg-up [![Build Status](https://travis-ci.org/sindresorhus/read-pkg-up.svg?branch=master)](https://travis-ci.org/sindresorhus/read-pkg-up)\n\n> Read the closest package.json file\n\n\n## Why\n\n- [Finds the closest package.json](https://github.com/sindresorhus/find-up)\n- [Gracefully handles filesystem issues](https://github.com/isaacs/node-graceful-fs)\n- [Strips UTF-8 BOM](https://github.com/sindresorhus/strip-bom)\n- [Throws more helpful JSON errors](https://github.com/sindresorhus/parse-json)\n- [Normalizes the data](https://github.com/npm/normalize-package-data#what-normalization-currently-entails)\n\n\n## Install\n\n```\n$ npm install --save read-pkg-up\n```\n\n\n## Usage\n\n```js\nvar readPkgUp = require('read-pkg-up');\n\nreadPkgUp().then(function (result) {\n\tconsole.log(result);\n\t/*\n\t{\n\t\tpkg: {\n\t\t\tname: 'awesome-package',\n\t\t\tversion: '1.0.0',\n\t\t\t...\n\t\t},\n\t\tpath: '/Users/sindresorhus/dev/awesome-package'\n\t}\n\t*/\n});\n```\n\n\n## API\n\n### readPkgUp([options])\n\nReturns a promise that resolves to a result object.\n\n### readPkgUp.sync([options])\n\nReturns a result object.\n\n#### options\n\n##### cwd\n\nType: `string` \nDefault: `.`\n\nDirectory to start looking for a package.json file.\n\n##### normalize\n\nType: `boolean` \nDefault: `true`\n\n[Normalize](https://github.com/npm/normalize-package-data#what-normalization-currently-entails) the package data.\n\n\n## Related\n\n- [read-pkg](https://github.com/sindresorhus/read-pkg) - Read a package.json file\n- [find-up](https://github.com/sindresorhus/find-up) - Find a file by walking up parent directories\n- [pkg-conf](https://github.com/sindresorhus/pkg-conf) - Get namespaced config from the closest package.json\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg-up", + "error": "[Circular]", + "extraneous": false + }, + "require-main-filename": { + "_args": [ + [ + "require-main-filename@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "require-main-filename@1.0.1", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "require-main-filename@>=1.0.0 <2.0.0", + "_id": "require-main-filename@1.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/require-main-filename", + "_nodeVersion": "3.2.0", + "_npmOperationalInternal": { + "host": "packages-6-west.internal.npmjs.com", + "tmp": "tmp/require-main-filename-1.0.1.tgz_1455688492890_0.0750324921682477" + }, + "_npmUser": { + "email": "ben@npmjs.com", + "name": "bcoe" + }, + "_npmVersion": "3.3.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "require-main-filename@1.0.1", + "name": "require-main-filename", + "escapedName": "require-main-filename", + "rawSpec": "1.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-1.0.1.tgz", + "_shasum": "97f717b69d48784f5f526a6c5aa8ffdda055a4d1", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.1", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Ben Coe", + "email": "ben@npmjs.com" + }, + "bugs": { + "url": "https://github.com/yargs/require-main-filename/issues" + }, + "dependencies": {}, + "description": "shim for require.main.filename() that works in as many environments as possible", + "devDependencies": { + "chai": "^3.5.0", + "standard": "^6.0.5", + "tap": "^5.2.0" + }, + "directories": {}, + "dist": { + "shasum": "97f717b69d48784f5f526a6c5aa8ffdda055a4d1", + "tarball": "http://registry.npmjs.org/require-main-filename/-/require-main-filename-1.0.1.tgz" + }, + "gitHead": "6dd2291332bed764c56302ccdd14da8a213249a1", + "homepage": "https://github.com/yargs/require-main-filename#readme", + "keywords": [ + "require", + "shim", + "iisnode" + ], + "license": "ISC", + "main": "index.js", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + } + ], + "name": "require-main-filename", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+ssh://git@github.com/yargs/require-main-filename.git" + }, + "scripts": { + "pretest": "standard", + "test": "tap --coverage test.js" + }, + "version": "1.0.1", + "readme": "# require-main-filename\n\n[![Build Status](https://travis-ci.org/yargs/require-main-filename.png)](https://travis-ci.org/yargs/require-main-filename)\n[![Coverage Status](https://coveralls.io/repos/yargs/require-main-filename/badge.svg?branch=master)](https://coveralls.io/r/yargs/require-main-filename?branch=master)\n[![NPM version](https://img.shields.io/npm/v/require-main-filename.svg)](https://www.npmjs.com/package/require-main-filename)\n\n`require.main.filename` is great for figuring out the entry\npoint for the current application. This can be combined with a module like\n[pkg-conf](https://www.npmjs.com/package/pkg-conf) to, _as if by magic_, load\ntop-level configuration.\n\nUnfortunately, `require.main.filename` sometimes fails when an application is\nexecuted with an alternative process manager, e.g., [iisnode](https://github.com/tjanczuk/iisnode).\n\n`require-main-filename` is a shim that addresses this problem.\n\n## Usage\n\n```js\nvar main = require('require-main-filename')()\n// use main as an alternative to require.main.filename.\n```\n\n## License\n\nISC\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/require-main-filename", + "error": "[Circular]", + "extraneous": false + }, + "string-width": { + "_args": "[Circular]", + "_from": "string-width@>=1.0.1 <2.0.0", + "_id": "string-width@1.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/string-width", + "_nodeVersion": "0.12.5", + "_npmUser": "[Circular]", + "_npmVersion": "2.11.2", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "string-width@1.0.1", + "name": "string-width", + "escapedName": "string-width", + "rawSpec": "1.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.1" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz", + "_shasum": "c92129b6f1d7f52acf9af424a26e3864a05ceb0a", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.1", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": { + "code-point-at": { + "_args": [ + [ + "code-point-at@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/string-width" + ], + [ + "code-point-at@1.0.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "code-point-at@>=1.0.0 <2.0.0", + "_id": "code-point-at@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/code-point-at", + "_nodeVersion": "0.12.5", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "code-point-at@1.0.0", + "name": "code-point-at", + "escapedName": "code-point-at", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/string-width" + ], + "_resolved": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.0.0.tgz", + "_shasum": "f69b192d3f7d91e382e4b71bddb77878619ab0c6", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/code-point-at/issues" + }, + "dependencies": { + "number-is-nan": { + "_args": [ + [ + "number-is-nan@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/code-point-at" + ], + [ + "number-is-nan@1.0.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "number-is-nan@>=1.0.0 <2.0.0", + "_id": "number-is-nan@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/number-is-nan", + "_nodeVersion": "0.12.3", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.10.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "number-is-nan@1.0.0", + "name": "number-is-nan", + "escapedName": "number-is-nan", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/code-point-at", + "/bundle-dependencies/is-fullwidth-code-point" + ], + "_resolved": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.0.tgz", + "_shasum": "c020f529c5282adfdd233d91d4b181c3d686dc4b", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/number-is-nan/issues" + }, + "dependencies": {}, + "description": "ES6 Number.isNaN() ponyfill", + "devDependencies": { + "ava": "0.0.4" + }, + "directories": {}, + "dist": { + "shasum": "c020f529c5282adfdd233d91d4b181c3d686dc4b", + "tarball": "http://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "0f394b1bc33185c40304363b209e3f0588dbeeb3", + "homepage": "https://github.com/sindresorhus/number-is-nan#readme", + "keywords": [ + "es6", + "es2015", + "ecmascript", + "harmony", + "ponyfill", + "polyfill", + "shim", + "number", + "is", + "nan", + "not" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "number-is-nan", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/number-is-nan.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.0", + "readme": "# number-is-nan [![Build Status](https://travis-ci.org/sindresorhus/number-is-nan.svg?branch=master)](https://travis-ci.org/sindresorhus/number-is-nan)\n\n> ES6 [`Number.isNaN()`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Number/isNaN) ponyfill\n\n> Ponyfill: A polyfill that doesn't overwrite the native method\n\n\n## Install\n\n```\n$ npm install --save number-is-nan\n```\n\n\n## Usage\n\n```js\nvar numberIsNan = require('number-is-nan');\n\nnumberIsNan(NaN);\n//=> true\n\nnumberIsNan('unicorn');\n//=> false\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "ES2015 String#codePointAt() ponyfill", + "devDependencies": { + "ava": "0.0.4" + }, + "directories": {}, + "dist": { + "shasum": "f69b192d3f7d91e382e4b71bddb77878619ab0c6", + "tarball": "http://registry.npmjs.org/code-point-at/-/code-point-at-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "c2ffa4064718b37c84c73a633abeeed5b486a469", + "homepage": "https://github.com/sindresorhus/code-point-at", + "keywords": [ + "es2015", + "es6", + "ponyfill", + "polyfill", + "shim", + "string", + "str", + "code", + "point", + "at", + "codepoint", + "unicode" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "code-point-at", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/code-point-at.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.0", + "readme": "# code-point-at [![Build Status](https://travis-ci.org/sindresorhus/code-point-at.svg?branch=master)](https://travis-ci.org/sindresorhus/code-point-at)\n\n> ES2015 [`String#codePointAt()`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/codePointAt) ponyfill\n\n> Ponyfill: A polyfill that doesn't overwrite the native method\n\n\n## Install\n\n```\n$ npm install --save code-point-at\n```\n\n\n## Usage\n\n```js\nvar codePointAt = require('code-point-at');\n\ncodePointAt('🐴');\n//=> 128052\n\ncodePointAt('abc', 2);\n//=> 99\n```\n\n## API\n\n### codePointAt(input, [position])\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/code-point-at", + "error": "[Circular]", + "extraneous": false + }, + "is-fullwidth-code-point": { + "_args": [ + [ + "is-fullwidth-code-point@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/string-width" + ], + [ + "is-fullwidth-code-point@1.0.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "is-fullwidth-code-point@>=1.0.0 <2.0.0", + "_id": "is-fullwidth-code-point@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/is-fullwidth-code-point", + "_nodeVersion": "0.12.5", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "is-fullwidth-code-point@1.0.0", + "name": "is-fullwidth-code-point", + "escapedName": "is-fullwidth-code-point", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/string-width" + ], + "_resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz", + "_shasum": "ef9e31386f031a7f0d643af82fde50c457ef00cb", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues" + }, + "dependencies": { + "number-is-nan": { + "_args": "[Circular]", + "_from": "number-is-nan@>=1.0.0 <2.0.0", + "_id": "number-is-nan@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/number-is-nan", + "_nodeVersion": "0.12.3", + "_npmUser": "[Circular]", + "_npmVersion": "2.10.0", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "number-is-nan@1.0.0", + "name": "number-is-nan", + "escapedName": "number-is-nan", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.0.tgz", + "_shasum": "c020f529c5282adfdd233d91d4b181c3d686dc4b", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "ES6 Number.isNaN() ponyfill", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "0f394b1bc33185c40304363b209e3f0588dbeeb3", + "homepage": "https://github.com/sindresorhus/number-is-nan#readme", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "number-is-nan", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.0.0", + "readme": "# number-is-nan [![Build Status](https://travis-ci.org/sindresorhus/number-is-nan.svg?branch=master)](https://travis-ci.org/sindresorhus/number-is-nan)\n\n> ES6 [`Number.isNaN()`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Number/isNaN) ponyfill\n\n> Ponyfill: A polyfill that doesn't overwrite the native method\n\n\n## Install\n\n```\n$ npm install --save number-is-nan\n```\n\n\n## Usage\n\n```js\nvar numberIsNan = require('number-is-nan');\n\nnumberIsNan(NaN);\n//=> true\n\nnumberIsNan('unicorn');\n//=> false\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/number-is-nan" + } + }, + "description": "Check if the character represented by a given Unicode code point is fullwidth", + "devDependencies": { + "ava": "0.0.4", + "code-point-at": "^1.0.0" + }, + "directories": {}, + "dist": { + "shasum": "ef9e31386f031a7f0d643af82fde50c457ef00cb", + "tarball": "http://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "f2152d357f41f82785436d428e4f8ede143b7548", + "homepage": "https://github.com/sindresorhus/is-fullwidth-code-point", + "keywords": [ + "fullwidth", + "full-width", + "full", + "width", + "unicode", + "character", + "char", + "string", + "str", + "codepoint", + "code", + "point", + "is", + "detect", + "check" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "is-fullwidth-code-point", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/is-fullwidth-code-point.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.0", + "readme": "# is-fullwidth-code-point [![Build Status](https://travis-ci.org/sindresorhus/is-fullwidth-code-point.svg?branch=master)](https://travis-ci.org/sindresorhus/is-fullwidth-code-point)\n\n> Check if the character represented by a given [Unicode code point](https://en.wikipedia.org/wiki/Code_point) is [fullwidth](https://en.wikipedia.org/wiki/Halfwidth_and_fullwidth_forms)\n\n\n## Install\n\n```\n$ npm install --save is-fullwidth-code-point\n```\n\n\n## Usage\n\n```js\nvar isFullwidthCodePoint = require('is-fullwidth-code-point');\n\nisFullwidthCodePoint('谢'.codePointAt());\n//=> true\n\nisFullwidthCodePoint('a'.codePointAt());\n//=> false\n```\n\n\n## API\n\n### isFullwidthCodePoint(input)\n\n#### input\n\nType: `number`\n\n[Code point](https://en.wikipedia.org/wiki/Code_point) of a character.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point", + "error": "[Circular]", + "extraneous": false + }, + "strip-ansi": { + "_args": "[Circular]", + "_from": "strip-ansi@>=3.0.0 <4.0.0", + "_id": "strip-ansi@3.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/strip-ansi", + "_nodeVersion": "0.12.7", + "_npmOperationalInternal": "[Circular]", + "_npmUser": "[Circular]", + "_npmVersion": "2.11.3", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "strip-ansi@3.0.1", + "name": "strip-ansi", + "escapedName": "strip-ansi", + "rawSpec": "3.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "3.0.1" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "_shasum": "6a385fb8853d952d5ff05d0e8aaf94278dc63dcf", + "_shrinkwrap": "[Circular]", + "_spec": "3.0.1", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Strip ANSI escape codes", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "8270705c704956da865623e564eba4875c3ea17f", + "homepage": "https://github.com/chalk/strip-ansi", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "strip-ansi", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "3.0.1", + "readme": "# strip-ansi [![Build Status](https://travis-ci.org/chalk/strip-ansi.svg?branch=master)](https://travis-ci.org/chalk/strip-ansi)\n\n> Strip [ANSI escape codes](http://en.wikipedia.org/wiki/ANSI_escape_code)\n\n\n## Install\n\n```\n$ npm install --save strip-ansi\n```\n\n\n## Usage\n\n```js\nvar stripAnsi = require('strip-ansi');\n\nstripAnsi('\\u001b[4mcake\\u001b[0m');\n//=> 'cake'\n```\n\n\n## Related\n\n- [strip-ansi-cli](https://github.com/chalk/strip-ansi-cli) - CLI for this module\n- [has-ansi](https://github.com/chalk/has-ansi) - Check if a string has ANSI escape codes\n- [ansi-regex](https://github.com/chalk/ansi-regex) - Regular expression for matching ANSI escape codes\n- [chalk](https://github.com/chalk/chalk) - Terminal string styling done right\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/strip-ansi" + } + }, + "description": "Get the visual width of a string - the number of columns required to display it", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "f279cfd14835f0a3c8df69ba18e9a3960156e135", + "homepage": "https://github.com/sindresorhus/string-width", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "string-width", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.0.1", + "readme": "# string-width [![Build Status](https://travis-ci.org/sindresorhus/string-width.svg?branch=master)](https://travis-ci.org/sindresorhus/string-width)\n\n> Get the visual width of a string - the number of columns required to display it\n\nSome Unicode characters are [fullwidth](https://en.wikipedia.org/wiki/Halfwidth_and_fullwidth_forms) and use double the normal width.\n\nUseful to be able to measure the actual width of command-line output.\n\n\n## Install\n\n```\n$ npm install --save string-width\n```\n\n\n## Usage\n\n```js\nvar stringWidth = require('string-width');\n\nstringWidth('古');\n//=> 2\n\nstringWidth('\\u001b[1m古\\u001b[22m');\n//=> 2\n\nstringWidth('a');\n//=> 1\n```\n\n\n## Related\n\n- [string-width-cli](https://github.com/sindresorhus/string-width-cli) - CLI for this module\n- [string-length](https://github.com/sindresorhus/string-length) - Get the real length of a string\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "error": "[Circular]", + "extraneous": false + }, + "window-size": { + "_args": [ + [ + "window-size@^0.2.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "window-size@0.2.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "window-size@>=0.2.0 <0.3.0", + "_id": "window-size@0.2.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/window-size", + "_nodeVersion": "5.3.0", + "_npmUser": { + "email": "github@sellside.com", + "name": "jonschlinkert" + }, + "_npmVersion": "3.3.12", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "window-size@0.2.0", + "name": "window-size", + "escapedName": "window-size", + "rawSpec": "0.2.0", + "saveSpec": "[Circular]", + "fetchSpec": "0.2.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/window-size/-/window-size-0.2.0.tgz", + "_shasum": "b4315bb4214a3d7058ebeee892e13fa24d98b075", + "_shrinkwrap": "[Circular]", + "_spec": "0.2.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Jon Schlinkert", + "url": "https://github.com/jonschlinkert" + }, + "bin": { + "window-size": "cli.js" + }, + "bugs": { + "url": "https://github.com/jonschlinkert/window-size/issues" + }, + "dependencies": {}, + "description": "Reliable way to to get the height and width of the terminal/console in a node.js environment.", + "devDependencies": { + "semistandard": "^7.0.2", + "tap": "^2.2.1" + }, + "directories": {}, + "dist": { + "shasum": "b4315bb4214a3d7058ebeee892e13fa24d98b075", + "tarball": "http://registry.npmjs.org/window-size/-/window-size-0.2.0.tgz" + }, + "engines": { + "node": ">= 0.10.0" + }, + "files": [ + "index.js", + "cli.js" + ], + "gitHead": "538b4406a6f30c9a2c8f84ba38bb34a39775bd2b", + "homepage": "https://github.com/jonschlinkert/window-size", + "keywords": [ + "console", + "height", + "resize", + "size", + "terminal", + "tty", + "width", + "window" + ], + "license": "MIT", + "main": "index.js", + "maintainers": [ + { + "name": "jonschlinkert", + "email": "github@sellside.com" + }, + { + "name": "doowb", + "email": "brian.woodward@gmail.com" + } + ], + "name": "window-size", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/jonschlinkert/window-size.git" + }, + "scripts": { + "pretest": "semistandard", + "test": "tap --coverage test.js" + }, + "verb": { + "related": { + "list": [ + "yargs", + "lint-deps", + "base-cli" + ] + } + }, + "version": "0.2.0", + "readme": "# window-size [![NPM version](https://badge.fury.io/js/window-size.svg)](http://badge.fury.io/js/window-size) [![Build Status](https://travis-ci.org/jonschlinkert/window-size.svg)](https://travis-ci.org/jonschlinkert/window-size)\n\n> Reliable way to to get the height and width of the terminal/console in a node.js environment.\n\n## Install\n\nInstall with [npm](https://www.npmjs.com/)\n\n```sh\n$ npm i window-size --save\n```\n\n## Usage\n\n```js\nvar size = require('window-size');\nsize.height; // \"25\" (rows)\nsize.width; // \"80\" (columns)\n```\n\n## Other projects\n\n* [base-cli](https://www.npmjs.com/package/base-cli): Plugin for base-methods that maps built-in methods to CLI args (also supports methods from a… [more](https://www.npmjs.com/package/base-cli) | [homepage](https://github.com/jonschlinkert/base-cli)\n* [lint-deps](https://www.npmjs.com/package/lint-deps): CLI tool that tells you when dependencies are missing from package.json and offers you a… [more](https://www.npmjs.com/package/lint-deps) | [homepage](https://github.com/jonschlinkert/lint-deps)\n* [yargs](https://www.npmjs.com/package/yargs): Light-weight option parsing with an argv hash. No optstrings attached. | [homepage](https://github.com/bcoe/yargs#readme)\n\n## Contributing\n\nPull requests and stars are always welcome. For bugs and feature requests, [please create an issue](https://github.com/jonschlinkert/window-size/issues/new).\n\n## Author\n\n**Jon Schlinkert**\n\n+ [github/jonschlinkert](https://github.com/jonschlinkert)\n+ [twitter/jonschlinkert](http://twitter.com/jonschlinkert)\n\n## License\n\nCopyright © 2014-2015 [Jon Schlinkert](https://github.com/jonschlinkert)\nReleased under the MIT license.\n\n***\n\n_This file was generated by [verb-cli](https://github.com/assemble/verb-cli) on November 15, 2015._", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/window-size", + "error": "[Circular]", + "extraneous": false + }, + "y18n": { + "_args": [ + [ + "y18n@^3.2.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "y18n@3.2.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "y18n@>=3.2.0 <4.0.0", + "_id": "y18n@3.2.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/y18n", + "_nodeVersion": "0.12.7", + "_npmUser": { + "email": "andrewbgoode@gmail.com", + "name": "abg" + }, + "_npmVersion": "2.14.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "y18n@3.2.0", + "name": "y18n", + "escapedName": "y18n", + "rawSpec": "3.2.0", + "saveSpec": "[Circular]", + "fetchSpec": "3.2.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/y18n/-/y18n-3.2.0.tgz", + "_shasum": "3bec64c93b730d924a6148c765757932433e34c8", + "_shrinkwrap": "[Circular]", + "_spec": "3.2.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Ben Coe", + "email": "ben@npmjs.com" + }, + "bugs": { + "url": "https://github.com/bcoe/y18n/issues" + }, + "dependencies": {}, + "description": "the bare-bones internationalization library used by yargs", + "devDependencies": { + "chai": "^3.3.0", + "coveralls": "^2.11.4", + "mocha": "^2.3.3", + "nyc": "^3.2.2", + "rimraf": "^2.4.3", + "standard": "^5.3.1" + }, + "directories": {}, + "dist": { + "shasum": "3bec64c93b730d924a6148c765757932433e34c8", + "tarball": "http://registry.npmjs.org/y18n/-/y18n-3.2.0.tgz" + }, + "gitHead": "a92184823afa8cccef4c8100a0b79338f85ab089", + "homepage": "https://github.com/bcoe/y18n", + "keywords": [ + "i18n", + "internationalization", + "yargs" + ], + "license": "ISC", + "main": "index.js", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + }, + { + "name": "abg", + "email": "andrewbgoode@gmail.com" + } + ], + "name": "y18n", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+ssh://git@github.com/bcoe/y18n.git" + }, + "scripts": { + "coverage": "nyc report --reporter=text-lcov | coveralls", + "pretest": "standard", + "test": "nyc mocha" + }, + "version": "3.2.0", + "readme": "# y18n\n\n[![Build Status][travis-image]][travis-url]\n[![Coverage Status][coveralls-image]][coveralls-url]\n[![NPM version][npm-image]][npm-url]\n[![js-standard-style][standard-image]][standard-url]\n\nThe bare-bones internationalization library used by yargs.\n\nInspired by [i18n](https://www.npmjs.com/package/i18n).\n\n## Examples\n\n_simple string translation:_\n\n```js\nvar __ = require('y18n').__\n\nconsole.log(__('my awesome string %s', 'foo'))\n```\n\noutput:\n\n`my awesome string foo`\n\n_pluralization support:_\n\n```js\nvar __n = require('y18n').__n\n\nconsole.log(__n('one fish %s', '%d fishes %s', 2, 'foo'))\n```\n\noutput:\n\n`2 fishes foo`\n\n## JSON Language Files\n\nThe JSON language files should be stored in a `./locales` folder.\nFile names correspond to locales, e.g., `en.json`, `pirate.json`.\n\nWhen strings are observed for the first time they will be\nadded to the JSON file corresponding to the current locale.\n\n## Methods\n\n### require('y18n')(config)\n\nCreate an instance of y18n with the config provided, options include:\n\n* `directory`: the locale directory, default `./locales`.\n* `updateFiles`: should newly observed strings be updated in file, default `true`.\n* `locale`: what locale should be used.\n* `fallbackToLanguage`: should fallback to a language-only file (e.g. `en.json`)\n be allowed if a file matching the locale does not exist (e.g. `en_US.json`),\n default `true`.\n\n### y18n.\\_\\_(str, arg, arg, arg)\n\nPrint a localized string, `%s` will be replaced with `arg`s.\n\n### y18n.\\_\\_n(singularString, pluralString, count, arg, arg, arg)\n\nPrint a localized string with appropriate pluralization. If `%d` is provided\nin the string, the `count` will replace this placeholder.\n\n### y18n.setLocale(str)\n\nSet the current locale being used.\n\n### y18n.getLocale()\n\nWhat locale is currently being used?\n\n### y18n.updateLocale(obj)\n\nUpdate the current locale with the key value pairs in `obj`.\n\n## License\n\nISC\n\n[travis-url]: https://travis-ci.org/bcoe/y18n\n[travis-image]: https://img.shields.io/travis/bcoe/y18n.svg\n[coveralls-url]: https://coveralls.io/github/bcoe/y18n\n[coveralls-image]: https://img.shields.io/coveralls/bcoe/y18n.svg\n[npm-url]: https://npmjs.org/package/y18n\n[npm-image]: https://img.shields.io/npm/v/y18n.svg\n[standard-image]: https://img.shields.io/badge/code%20style-standard-brightgreen.svg\n[standard-url]: https://github.com/feross/standard\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/y18n", + "error": "[Circular]", + "extraneous": false + }, + "yargs-parser": { + "_args": [ + [ + "yargs-parser@^2.1.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "yargs-parser@2.1.0", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "yargs-parser@>=2.1.0 <3.0.0", + "_id": "yargs-parser@2.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/yargs-parser", + "_nodeVersion": "3.2.0", + "_npmOperationalInternal": { + "host": "packages-9-west.internal.npmjs.com", + "tmp": "tmp/yargs-parser-2.1.0.tgz_1455440640589_0.058524578576907516" + }, + "_npmUser": { + "email": "ben@npmjs.com", + "name": "bcoe" + }, + "_npmVersion": "3.3.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "yargs-parser@2.1.0", + "name": "yargs-parser", + "escapedName": "yargs-parser", + "rawSpec": "2.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-2.1.0.tgz", + "_shasum": "5f214362f948a085389abf34a78d8b5eef0b1350", + "_shrinkwrap": "[Circular]", + "_spec": "2.1.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "Ben Coe", + "email": "ben@npmjs.com" + }, + "bugs": { + "url": "https://github.com/yargs/yargs-parser/issues" + }, + "dependencies": { + "camelcase": { + "_args": "[Circular]", + "_from": "camelcase@>=2.0.1 <3.0.0", + "_id": "camelcase@2.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/camelcase", + "_nodeVersion": "4.2.4", + "_npmUser": "[Circular]", + "_npmVersion": "3.6.0", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "camelcase@2.1.0", + "name": "camelcase", + "escapedName": "camelcase", + "rawSpec": "2.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.1.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/camelcase/-/camelcase-2.1.0.tgz", + "_shasum": "533ad4cd7f8a1080ded31aba6c79b4bf437ff30c", + "_shrinkwrap": "[Circular]", + "_spec": "2.1.0", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Convert a dash/dot/underscore/space separated string to camelCase: foo-bar → fooBar", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "9b73ccb3f48ab86eccb136c155f0eb2e67f40dc3", + "homepage": "https://github.com/sindresorhus/camelcase#readme", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "camelcase", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "2.1.0", + "readme": "# camelcase [![Build Status](https://travis-ci.org/sindresorhus/camelcase.svg?branch=master)](https://travis-ci.org/sindresorhus/camelcase)\n\n> Convert a dash/dot/underscore/space separated string to camelCase: `foo-bar` → `fooBar`\n\n\n## Install\n\n```\n$ npm install --save camelcase\n```\n\n\n## Usage\n\n```js\nconst camelCase = require('camelcase');\n\ncamelCase('foo-bar');\n//=> 'fooBar'\n\ncamelCase('foo_bar');\n//=> 'fooBar'\n\ncamelCase('Foo-Bar');\n//=> 'fooBar'\n\ncamelCase('--foo.bar');\n//=> 'fooBar'\n\ncamelCase('__foo__bar__');\n//=> 'fooBar'\n\ncamelCase('foo bar');\n//=> 'fooBar'\n\nconsole.log(process.argv[3]);\n//=> '--foo-bar'\ncamelCase(process.argv[3]);\n//=> 'fooBar'\n\ncamelCase('foo', 'bar');\n//=> 'fooBar'\n\ncamelCase('__foo__', '--bar');\n//=> 'fooBar'\n```\n\n\n## Related\n\n- [decamelize](https://github.com/sindresorhus/decamelize) - The inverse of this module\n- [uppercamelcase](https://github.com/SamVerschueren/uppercamelcase) - Like this module, but to PascalCase instead of camelCase\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "error": "[Circular]", + "extraneous": false, + "_deduped": "bundle-dependencies/camelcase" + }, + "lodash.assign": { + "_args": [ + [ + "lodash.assign@^4.0.2", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs-parser" + ], + [ + "lodash.assign@4.0.3", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "lodash.assign@>=4.0.2 <5.0.0", + "_id": "lodash.assign@4.0.3", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/lodash.assign", + "_nodeVersion": "5.5.0", + "_npmOperationalInternal": { + "host": "packages-9-west.internal.npmjs.com", + "tmp": "tmp/lodash.assign-4.0.3.tgz_1455615071928_0.8044304654467851" + }, + "_npmUser": { + "email": "john.david.dalton@gmail.com", + "name": "jdalton" + }, + "_npmVersion": "2.14.18", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "lodash.assign@4.0.3", + "name": "lodash.assign", + "escapedName": "lodash.assign", + "rawSpec": "4.0.3", + "saveSpec": "[Circular]", + "fetchSpec": "4.0.3" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs-parser" + ], + "_resolved": "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.0.3.tgz", + "_shasum": "208252719b4375f361981c3ba3a8a09d1cbdb218", + "_shrinkwrap": "[Circular]", + "_spec": "4.0.3", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + "bugs": { + "url": "https://github.com/lodash/lodash/issues" + }, + "contributors": [ + { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + { + "name": "Blaine Bublitz", + "email": "blaine@iceddev.com", + "url": "https://github.com/phated" + }, + { + "name": "Mathias Bynens", + "email": "mathias@qiwi.be", + "url": "https://mathiasbynens.be/" + } + ], + "dependencies": { + "lodash.keys": { + "_args": [ + [ + "lodash.keys@^4.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/lodash.assign" + ], + [ + "lodash.keys@4.0.3", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "lodash.keys@>=4.0.0 <5.0.0", + "_id": "lodash.keys@4.0.3", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/lodash.keys", + "_nodeVersion": "5.5.0", + "_npmOperationalInternal": { + "host": "packages-6-west.internal.npmjs.com", + "tmp": "tmp/lodash.keys-4.0.3.tgz_1455615421513_0.2519911821000278" + }, + "_npmUser": { + "email": "john.david.dalton@gmail.com", + "name": "jdalton" + }, + "_npmVersion": "2.14.18", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "lodash.keys@4.0.3", + "name": "lodash.keys", + "escapedName": "lodash.keys", + "rawSpec": "4.0.3", + "saveSpec": "[Circular]", + "fetchSpec": "4.0.3" + }, + "_requiredBy": [ + "/bundle-dependencies/lodash.assign" + ], + "_resolved": "https://registry.npmjs.org/lodash.keys/-/lodash.keys-4.0.3.tgz", + "_shasum": "f698bb75edfae6f690db9e11908157732fe7b342", + "_shrinkwrap": "[Circular]", + "_spec": "4.0.3", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + "bugs": { + "url": "https://github.com/lodash/lodash/issues" + }, + "contributors": [ + { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + { + "name": "Blaine Bublitz", + "email": "blaine@iceddev.com", + "url": "https://github.com/phated" + }, + { + "name": "Mathias Bynens", + "email": "mathias@qiwi.be", + "url": "https://mathiasbynens.be/" + } + ], + "dependencies": {}, + "description": "The lodash method `_.keys` exported as a module.", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "f698bb75edfae6f690db9e11908157732fe7b342", + "tarball": "http://registry.npmjs.org/lodash.keys/-/lodash.keys-4.0.3.tgz" + }, + "homepage": "https://lodash.com/", + "icon": "https://lodash.com/icon.svg", + "keywords": [ + "lodash-modularized", + "keys" + ], + "license": "MIT", + "maintainers": [ + { + "name": "jdalton", + "email": "john.david.dalton@gmail.com" + }, + { + "name": "mathias", + "email": "mathias@qiwi.be" + }, + { + "name": "phated", + "email": "blaine@iceddev.com" + } + ], + "name": "lodash.keys", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/lodash/lodash.git" + }, + "scripts": { + "test": "echo \"See https://travis-ci.org/lodash/lodash-cli for testing details.\"" + }, + "version": "4.0.3", + "readme": "# lodash.keys v4.0.3\n\nThe [lodash](https://lodash.com/) method `_.keys` exported as a [Node.js](https://nodejs.org/) module.\n\n## Installation\n\nUsing npm:\n```bash\n$ {sudo -H} npm i -g npm\n$ npm i --save lodash.keys\n```\n\nIn Node.js:\n```js\nvar keys = require('lodash.keys');\n```\n\nSee the [documentation](https://lodash.com/docs#keys) or [package source](https://github.com/lodash/lodash/blob/4.0.3-npm-packages/lodash.keys) for more details.\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.keys", + "error": "[Circular]", + "extraneous": false + }, + "lodash.rest": { + "_args": [ + [ + "lodash.rest@^4.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/lodash.assign" + ], + [ + "lodash.rest@4.0.1", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "_from": "lodash.rest@>=4.0.0 <5.0.0", + "_id": "lodash.rest@4.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/lodash.rest", + "_nodeVersion": "5.4.0", + "_npmOperationalInternal": { + "host": "packages-5-east.internal.npmjs.com", + "tmp": "tmp/lodash.rest-4.0.1.tgz_1454484670768_0.6682933256961405" + }, + "_npmUser": { + "email": "john.david.dalton@gmail.com", + "name": "jdalton" + }, + "_npmVersion": "2.14.15", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "lodash.rest@4.0.1", + "name": "lodash.rest", + "escapedName": "lodash.rest", + "rawSpec": "4.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "4.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/lodash.assign" + ], + "_resolved": "https://registry.npmjs.org/lodash.rest/-/lodash.rest-4.0.1.tgz", + "_shasum": "cbecbb84e68e499a1b242baf9b27bb63ef4dd980", + "_shrinkwrap": "[Circular]", + "_spec": "4.0.1", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "author": { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + "bugs": { + "url": "https://github.com/lodash/lodash/issues" + }, + "contributors": [ + { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + { + "name": "Blaine Bublitz", + "email": "blaine@iceddev.com", + "url": "https://github.com/phated" + }, + { + "name": "Mathias Bynens", + "email": "mathias@qiwi.be", + "url": "https://mathiasbynens.be/" + } + ], + "dependencies": {}, + "description": "The lodash method `_.rest` exported as a module.", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "cbecbb84e68e499a1b242baf9b27bb63ef4dd980", + "tarball": "http://registry.npmjs.org/lodash.rest/-/lodash.rest-4.0.1.tgz" + }, + "homepage": "https://lodash.com/", + "icon": "https://lodash.com/icon.svg", + "keywords": [ + "lodash-modularized", + "rest" + ], + "license": "MIT", + "maintainers": [ + { + "name": "jdalton", + "email": "john.david.dalton@gmail.com" + }, + { + "name": "mathias", + "email": "mathias@qiwi.be" + }, + { + "name": "phated", + "email": "blaine@iceddev.com" + } + ], + "name": "lodash.rest", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/lodash/lodash.git" + }, + "scripts": { + "test": "echo \"See https://travis-ci.org/lodash/lodash-cli for testing details.\"" + }, + "version": "4.0.1", + "readme": "# lodash.rest v4.0.1\n\nThe [lodash](https://lodash.com/) method `_.rest` exported as a [Node.js](https://nodejs.org/) module.\n\n## Installation\n\nUsing npm:\n```bash\n$ {sudo -H} npm i -g npm\n$ npm i --save lodash.rest\n```\n\nIn Node.js:\n```js\nvar rest = require('lodash.rest');\n```\n\nSee the [documentation](https://lodash.com/docs#rest) or [package source](https://github.com/lodash/lodash/blob/4.0.1-npm-packages/lodash.rest) for more details.\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.rest", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "The lodash method `_.assign` exported as a module.", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "208252719b4375f361981c3ba3a8a09d1cbdb218", + "tarball": "http://registry.npmjs.org/lodash.assign/-/lodash.assign-4.0.3.tgz" + }, + "homepage": "https://lodash.com/", + "icon": "https://lodash.com/icon.svg", + "keywords": [ + "lodash-modularized", + "assign" + ], + "license": "MIT", + "maintainers": [ + { + "name": "jdalton", + "email": "john.david.dalton@gmail.com" + }, + { + "name": "mathias", + "email": "mathias@qiwi.be" + }, + { + "name": "phated", + "email": "blaine@iceddev.com" + } + ], + "name": "lodash.assign", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/lodash/lodash.git" + }, + "scripts": { + "test": "echo \"See https://travis-ci.org/lodash/lodash-cli for testing details.\"" + }, + "version": "4.0.3", + "readme": "# lodash.assign v4.0.3\n\nThe [lodash](https://lodash.com/) method `_.assign` exported as a [Node.js](https://nodejs.org/) module.\n\n## Installation\n\nUsing npm:\n```bash\n$ {sudo -H} npm i -g npm\n$ npm i --save lodash.assign\n```\n\nIn Node.js:\n```js\nvar assign = require('lodash.assign');\n```\n\nSee the [documentation](https://lodash.com/docs#assign) or [package source](https://github.com/lodash/lodash/blob/4.0.3-npm-packages/lodash.assign) for more details.\n", + "readmeFilename": "README.md", + "_dependencies": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.assign", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "the mighty option parser used by yargs", + "devDependencies": { + "chai": "^3.5.0", + "coveralls": "^2.11.6", + "mocha": "^2.4.5", + "nyc": "^5.6.0", + "standard": "^5.4.1" + }, + "directories": {}, + "dist": { + "shasum": "5f214362f948a085389abf34a78d8b5eef0b1350", + "tarball": "http://registry.npmjs.org/yargs-parser/-/yargs-parser-2.1.0.tgz" + }, + "gitHead": "78f49ffde9a3305facb66b2faeae862b33d0745e", + "homepage": "https://github.com/yargs/yargs-parser#readme", + "keywords": [ + "argument", + "parser", + "yargs", + "command", + "cli", + "parsing", + "option", + "args", + "argument" + ], + "license": "ISC", + "main": "index.js", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + } + ], + "name": "yargs-parser", + "optionalDependencies": {}, + "repository": { + "url": "git+ssh://git@github.com/yargs/yargs-parser.git" + }, + "scripts": { + "coverage": "nyc report --reporter=text-lcov | coveralls", + "pretest": "standard", + "test": "nyc mocha test/*.js" + }, + "version": "2.1.0", + "readme": "# yargs-parser\n\n[![Build Status](https://travis-ci.org/yargs/yargs-parser.png)](https://travis-ci.org/yargs/yargs-parser)\n[![Coverage Status](https://coveralls.io/repos/yargs/yargs-parser/badge.svg?branch=)](https://coveralls.io/r/yargs/yargs-parser?branch=master)\n[![NPM version](https://img.shields.io/npm/v/yargs-parser.svg)](https://www.npmjs.com/package/yargs-parser)\n[![Windows Tests](https://img.shields.io/appveyor/ci/bcoe/yargs-parser/master.svg?label=Windows%20Tests)](https://ci.appveyor.com/project/bcoe/yargs-parser)\n\nThe mighty option parser used by [yargs](https://github.com/bcoe/yargs).\n\nvisit the [yargs website](http://yargs.js.org/) for more examples, and thorough usage instructions.\n\n\n\n## Example\n\n```sh\nnpm i yargs-parser --save\n```\n\n```js\nvar argv = require('yargs-parser')(process.argv.slice(2));\nconsole.log(argv)\n```\n\n```sh\nnode example.js --foo=33 --bar hello\n{ _: [], foo: 33, bar: 'hello' }\n```\n\n_or parse a string!_\n\n```js\nvar argv = require('./')('--foo=99 --bar=33');\nconsole.log(argv)\n```\n\n```sh\n{ _: [], foo: 99, bar: 33 }\n```\n\n## API\n\n### require('yargs-parser')(args, opts={})\n\nParses command line arguments returning a simple mapping of keys and values.\n\n**expects:**\n\n* `args`: an array or string representing the options to parse.\n* `opts`: provide a set of hints indicating how `args` should be parsed:\n * `opts.alias`: an object representing the set of aliases for a key: `{alias: {foo: ['f']}}`.\n * `opts.array`: indicate that keys should be parsed as an array: `{array: ['foo', 'bar']}`.\n * `opts.boolean`: arguments should be parsed as booleans: `{boolean: ['x', 'y']}`.\n * `opts.config`: indicate a key that represents a path to a configuration file (this file will be loaded and parsed).\n * `opts.count`: indicate a key that should be used as a counter, e.g., `-vvv` = `{v: 3}`.\n * `opts.default`: provide default values for keys: `{default: {x: 33, y: 'hello world!'}}`.\n * `opts.envPrefix`: environment variables (`process.env`) with the prefix provided should be parsed.\n * `opts.narg`: specify that a key requires `n` arguments: `{narg: {x: 2}}`.\n * `opts.normalize`: `path.normalize()` will be applied to values set to this key.\n * `opts.string`: keys should be treated as strings (even if they resemble a number `-x 33`).\n * `opts.configuration`: provide configuration options to the yargs-parser (see: [configuration](#configuration)).\n * `opts.number`: keys should be treated as numbers.\n\n**returns:**\n\n* `obj`: an object representing the parsed value of `args`\n * `key/value`: key value pairs for each argument and their aliases.\n * `_`: an array representing the positional arguments.\n\n### require('yargs-parser').detailed(args, opts={})\n\nParses a command line string, returning detailed information required by the\nyargs engine.\n\n**expects:**\n\n* `args`: an array or string representing options to parse.\n* `opts`: provide a set of hints indicating how `args`, inputs are identical to `require('yargs-parser')(args, opts={})`.\n\n**returns:**\n\n* `argv`: an object representing the parsed value of `args`\n * `key/value`: key value pairs for each argument and their aliases.\n * `_`: an array representing the positional arguments.\n* `error`: populated with an error object if an exception occurred during parsing.\n* `aliases`: the inferred list of aliases built by combining lists in `opts.alias`.\n* `newAliases`: any new aliases added via camel-case expansion.\n* `configuration`: the configuration loaded from the `yargs` stanza in package.json.\n\n\n### Configuration\n\nThe yargs-parser applies several automated transformations on the keys provided\nin `args`. These features can be turned on and off using the `configuration` field\nof `opts`.\n\n```js\nvar parsed = parser(['--no-dice'], {\n configuration: {\n 'boolean-negation': false\n }\n})\n```\n\n### short option groups\n\n* default: `true`.\n* key: `short-option-groups`.\n\nShould a group of short-options be treated as boolean flags?\n\n```sh\nnode example.js -abc\n{ _: [], a: true, b: true, c: true }\n```\n\n_if disabled:_\n\n```sh\nnode example.js -abc\n{ _: [], abc: true }\n```\n\n### camel-case expansion\n\n* default: `true`.\n* key: `camel-case-expansion`.\n\nShould hyphenated arguments be expanded into camel-case aliases?\n\n```sh\nnode example.js --foo-bar\n{ _: [], 'foo-bar': true, fooBar: true }\n```\n\n_if disabled:_\n\n```sh\nnode example.js --foo-bar\n{ _: [], 'foo-bar': true }\n```\n\n### dot-notation\n\n* default: `true`\n* key: `dot-notation`\n\nShould keys that contain `.` be treated as objects?\n\n```sh\nnode example.js --foo.bar\n{ _: [], foo: { bar: true } }\n```\n\n_if disabled:_\n\n```sh\nnode example.js --foo.bar\n{ _: [], \"foo.bar\": true }\n```\n\n### parse numbers\n\n* default: `true`\n* key: 'parse-numbers'\n\nShould keys that look like numbers be treated as such?\n\n```sh\nnode example.js --foo=99.3\n{ _: [], foo: 99.3 }\n```\n\n_if disabled:_\n\n```sh\nnode example.js --foo=99.3\n{ _: [], foo: \"99.3\" }\n```\n\n### boolean negation\n\n* default: `true`\n* key: 'boolean-negation'\n\nShould variables prefixed with `--no` be treated as negations?\n\n```sh\nnode example.js --no-foo\n{ _: [], foo: false }\n```\n\n_if disabled:_\n\n```sh\nnode example.js --no-foo\n{ _: [], \"no-foo\": true }\n```\n\n## Special Thanks\n\nThe yargs project evolves from optimist and minimist. It owes its\nexistence to a lot of James Halliday's hard work. Thanks [substack](https://github.com/substack) **beep** **boop** \\o/\n\n## License\n\nISC\n", + "readmeFilename": "README.md", + "_dependencies": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs-parser", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Light-weight option parsing with an argv hash. No optstrings attached.", + "devDependencies": { + "chai": "^3.4.1", + "chalk": "^1.1.1", + "coveralls": "^2.11.4", + "cpr": "^1.0.0", + "es6-promise": "^3.0.2", + "hashish": "0.0.4", + "mocha": "^2.4.5", + "nyc": "^5.2.0", + "rimraf": "^2.5.0", + "standard": "^6.0.5", + "which": "^1.1.2", + "win-spawn": "^2.0.0" + }, + "directories": {}, + "dist": { + "shasum": "035e5ea466ac7fea584b00353e33eae4082b9894", + "tarball": "http://registry.npmjs.org/yargs/-/yargs-4.1.0.tgz" + }, + "engine": { + "node": ">=0.10" + }, + "files": [ + "index.js", + "lib", + "locales", + "completion.sh.hbs", + "LICENSE" + ], + "gitHead": "3808fabcd36645a1c855385e62c31fd5917ee447", + "homepage": "http://yargs.js.org/", + "keywords": [ + "argument", + "args", + "option", + "parser", + "parsing", + "cli", + "command" + ], + "license": "MIT", + "main": "./index.js", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + }, + { + "name": "chevex", + "email": "alex.ford@codetunnel.com" + }, + { + "name": "nexdrew", + "email": "andrew@npmjs.com" + }, + { + "name": "nylen", + "email": "jnylen@gmail.com" + } + ], + "name": "yargs", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+ssh://git@github.com/bcoe/yargs.git" + }, + "scripts": { + "coverage": "nyc report --reporter=text-lcov | coveralls", + "pretest": "standard", + "test": "nyc --cache mocha --require ./test/before.js --timeout=4000 --check-leaks" + }, + "standard": { + "ignore": [ + "**/example/**" + ] + }, + "version": "4.1.0", + "readme": "yargs\n========\n\nYargs be a node.js library fer hearties tryin' ter parse optstrings.\n\nWith yargs, ye be havin' a map that leads straight to yer treasure! Treasure of course, being a simple option hash.\n\n[![Build Status][travis-image]][travis-url]\n[![Dependency Status][gemnasium-image]][gemnasium-url]\n[![Coverage Status][coveralls-image]][coveralls-url]\n[![NPM version][npm-image]][npm-url]\n[![Windows Tests][windows-image]][windows-url]\n[![js-standard-style][standard-image]](standard-url)\n\n> Yargs is the official successor to optimist. Please feel free to submit issues and pull requests. If you'd like to contribute and don't know where to start, have a look at [the issue list](https://github.com/bcoe/yargs/issues) :)\n\nexamples\n========\n\nWith yargs, the options be just a hash!\n-------------------------------------------------------------------\n\nplunder.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs').argv;\n\nif (argv.ships > 3 && argv.distance < 53.5) {\n console.log('Plunder more riffiwobbles!');\n}\nelse {\n console.log('Retreat from the xupptumblers!');\n}\n````\n\n***\n\n $ ./plunder.js --ships=4 --distance=22\n Plunder more riffiwobbles!\n\n $ ./plunder.js --ships 12 --distance 98.7\n Retreat from the xupptumblers!\n\n![Joe was one optimistic pirate.](http://i.imgur.com/4WFGVJ9.png)\n\nBut don't walk the plank just yet! There be more! You can do short options:\n-------------------------------------------------\n\nshort.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs').argv;\nconsole.log('(%d,%d)', argv.x, argv.y);\n````\n\n***\n\n $ ./short.js -x 10 -y 21\n (10,21)\n\nAnd booleans, both long, short, and even grouped:\n----------------------------------\n\nbool.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs').argv;\n\nif (argv.s) {\n process.stdout.write(argv.fr ? 'Le perroquet dit: ' : 'The parrot says: ');\n}\nconsole.log(\n (argv.fr ? 'couac' : 'squawk') + (argv.p ? '!' : '')\n);\n````\n\n***\n\n $ ./bool.js -s\n The parrot says: squawk\n\n $ ./bool.js -sp\n The parrot says: squawk!\n\n $ ./bool.js -sp --fr\n Le perroquet dit: couac!\n\nAnd non-hyphenated options too! Just use `argv._`!\n-------------------------------------------------\n\nnonopt.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs').argv;\nconsole.log('(%d,%d)', argv.x, argv.y);\nconsole.log(argv._);\n````\n\n***\n\n $ ./nonopt.js -x 6.82 -y 3.35 rum\n (6.82,3.35)\n [ 'rum' ]\n\n $ ./nonopt.js \"me hearties\" -x 0.54 yo -y 1.12 ho\n (0.54,1.12)\n [ 'me hearties', 'yo', 'ho' ]\n\nYargs even counts your booleans!\n----------------------------------------------------------------------\n\ncount.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .count('verbose')\n .alias('v', 'verbose')\n .argv;\n\nVERBOSE_LEVEL = argv.verbose;\n\nfunction WARN() { VERBOSE_LEVEL >= 0 && console.log.apply(console, arguments); }\nfunction INFO() { VERBOSE_LEVEL >= 1 && console.log.apply(console, arguments); }\nfunction DEBUG() { VERBOSE_LEVEL >= 2 && console.log.apply(console, arguments); }\n\nWARN(\"Showing only important stuff\");\nINFO(\"Showing semi-important stuff too\");\nDEBUG(\"Extra chatty mode\");\n````\n\n***\n $ node count.js\n Showing only important stuff\n\n $ node count.js -v\n Showing only important stuff\n Showing semi-important stuff too\n\n $ node count.js -vv\n Showing only important stuff\n Showing semi-important stuff too\n Extra chatty mode\n\n $ node count.js -v --verbose\n Showing only important stuff\n Showing semi-important stuff too\n Extra chatty mode\n\nTell users how to use yer options and make demands.\n-------------------------------------------------\n\narea.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .usage('Usage: $0 -w [num] -h [num]')\n .demand(['w','h'])\n .argv;\n\nconsole.log(\"The area is:\", argv.w * argv.h);\n````\n\n***\n\n $ ./area.js -w 55 -h 11\n The area is: 605\n\n $ node ./area.js -w 4.91 -w 2.51\n Usage: area.js -w [num] -h [num]\n\n Options:\n -w [required]\n -h [required]\n\n Missing required arguments: h\n\nAfter yer demands have been met, demand more! Ask for non-hyphenated arguments!\n-----------------------------------------\n\ndemand_count.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .demand(2)\n .argv;\nconsole.dir(argv);\n````\n\n***\n\n\t$ ./demand_count.js a\n\n\tNot enough non-option arguments: got 1, need at least 2\n\n\t$ ./demand_count.js a b\n\t{ _: [ 'a', 'b' ], '$0': 'demand_count.js' }\n\n\t$ ./demand_count.js a b c\n\t{ _: [ 'a', 'b', 'c' ], '$0': 'demand_count.js' }\n\nEVEN MORE SHIVER ME TIMBERS!\n------------------\n\ndefault_singles.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .default('x', 10)\n .default('y', 10)\n .argv\n;\nconsole.log(argv.x + argv.y);\n````\n\n***\n\n $ ./default_singles.js -x 5\n 15\n\ndefault_hash.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .default({ x : 10, y : 10 })\n .argv\n;\nconsole.log(argv.x + argv.y);\n````\n\n***\n\n $ ./default_hash.js -y 7\n 17\n\nAnd if you really want to get all descriptive about it...\n---------------------------------------------------------\n\nboolean_single.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .boolean('v')\n .argv\n;\nconsole.dir(argv.v);\nconsole.dir(argv._);\n````\n\n***\n\n $ ./boolean_single.js -v \"me hearties\" yo ho\n true\n [ 'me hearties', 'yo', 'ho' ]\n\n\nboolean_double.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .boolean(['x','y','z'])\n .argv\n;\nconsole.dir([ argv.x, argv.y, argv.z ]);\nconsole.dir(argv._);\n````\n\n***\n\n $ ./boolean_double.js -x -z one two three\n [ true, false, true ]\n [ 'one', 'two', 'three' ]\n\nYargs is here to help you...\n---------------------------\n\nYe can describe parameters fer help messages and set aliases. Yargs figures\nout how ter format a handy help string automatically.\n\nline_count.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .usage('Usage: $0 [options]')\n .command('count', 'Count the lines in a file')\n .demand(1)\n .example('$0 count -f foo.js', 'count the lines in the given file')\n .demand('f')\n .alias('f', 'file')\n .nargs('f', 1)\n .describe('f', 'Load a file')\n .help('h')\n .alias('h', 'help')\n .epilog('copyright 2015')\n .argv;\n\nvar fs = require('fs');\nvar s = fs.createReadStream(argv.file);\n\nvar lines = 0;\ns.on('data', function (buf) {\n lines += buf.toString().match(/\\n/g).length;\n});\n\ns.on('end', function () {\n console.log(lines);\n});\n````\n\n***\n $ node line_count.js count\n Usage: line_count.js [options]\n\n Commands:\n count Count the lines in a file\n\n Options:\n -f, --file Load a file [required]\n -h, --help Show help [boolean]\n\n Examples:\n line_count.js count -f foo.js count the lines in the given file\n\n copyright 2015\n\n Missing required arguments: f\n\n $ node line_count.js count --file line_count.js\n 26\n\n $ node line_count.js count -f line_count.js\n 26\n\nmethods\n=======\n\nBy itself,\n\n````javascript\nrequire('yargs').argv\n````\n\nwill use the `process.argv` array to construct the `argv` object.\n\nYou can pass in the `process.argv` yourself:\n\n````javascript\nrequire('yargs')([ '-x', '1', '-y', '2' ]).argv\n````\n\nor use `.parse()` to do the same thing:\n\n````javascript\nrequire('yargs').parse([ '-x', '1', '-y', '2' ])\n````\n\nThe rest of these methods below come in just before the terminating `.argv`.\n\n.alias(key, alias)\n------------------\n\nSet key names as equivalent such that updates to a key will propagate to aliases\nand vice-versa.\n\nOptionally `.alias()` can take an object that maps keys to aliases.\nEach key of this object should be the canonical version of the option, and each\nvalue should be a string or an array of strings.\n\n.argv\n-----\n\nGet the arguments as a plain old object.\n\nArguments without a corresponding flag show up in the `argv._` array.\n\nThe script name or node command is available at `argv.$0` similarly to how `$0`\nworks in bash or perl.\n\nIf `yargs` is executed in an environment that embeds node and there's no script name (e.g.\n[Electron](http://electron.atom.io/) or [nw.js](http://nwjs.io/)), it will ignore the first parameter since it\nexpects it to be the script name. In order to override this behavior, use `.parse(process.argv.slice(1))`\ninstead of `.argv` and the first parameter won't be ignored.\n\n.array(key)\n----------\n\nTell the parser to interpret `key` as an array. If `.array('foo')` is set,\n`--foo foo bar` will be parsed as `['foo', 'bar']` rather than as `'foo'`.\n\n.boolean(key)\n-------------\n\nInterpret `key` as a boolean. If a non-flag option follows `key` in\n`process.argv`, that string won't get set as the value of `key`.\n\n`key` will default to `false`, unless a `default(key, undefined)` is\nexplicitly set.\n\nIf `key` is an array, interpret all the elements as booleans.\n\n.check(fn)\n----------\n\nCheck that certain conditions are met in the provided arguments.\n\n`fn` is called with two arguments, the parsed `argv` hash and an array of options and their aliases.\n\nIf `fn` throws or returns a non-truthy value, show the thrown error, usage information, and\nexit.\n\n.choices(key, choices)\n----------------------\n\nLimit valid values for `key` to a predefined set of `choices`, given as an array\nor as an individual value.\n\n```js\nvar argv = require('yargs')\n .alias('i', 'ingredient')\n .describe('i', 'choose your sandwich ingredients')\n .choices('i', ['peanut-butter', 'jelly', 'banana', 'pickles'])\n .help('help')\n .argv\n```\n\nIf this method is called multiple times, all enumerated values will be merged\ntogether. Choices are generally strings or numbers, and value matching is\ncase-sensitive.\n\nOptionally `.choices()` can take an object that maps multiple keys to their\nchoices.\n\nChoices can also be specified as `choices` in the object given to `option()`.\n\n```js\nvar argv = require('yargs')\n .option('size', {\n alias: 's',\n describe: 'choose a size',\n choices: ['xs', 's', 'm', 'l', 'xl']\n })\n .argv\n```\n\n.command(cmd, desc, [builder], [handler])\n-------------------\n.command(cmd, desc, [module])\n-------------------\n\nDocument the commands exposed by your application.\n\nUse `desc` to provide a description for each command your application accepts (the\nvalues stored in `argv._`). Set `desc` to `false` to create a hidden command.\nHidden commands don't show up in the help output and aren't available for\ncompletion.\n\nOptionally, you can provide a `builder` object to give hints about the\noptions that your command accepts:\n\n```js\nyargs.command('get', 'make a get HTTP request', {\n url: {\n alias: 'u',\n default: 'http://yargs.js.org/'\n }\n })\n .help()\n .argv\n```\n\n`builder` can also be a function. This function is executed\nwith a `yargs` instance, and can be used to provide _advanced_ command specific help:\n\n```js\nyargs.command('get', 'make a get HTTP request', function (yargs) {\n return yargs.option('url', {\n alias: 'u',\n default: 'http://yargs.js.org/'\n })\n })\n .help()\n .argv\n```\n\nYou can also provide a handler function, which will be executed with the\nparsed `argv` object:\n\n```js\nyargs\n .command(\n 'get',\n 'make a get HTTP request',\n function (yargs) {\n return yargs.option('u', {\n alias: 'url',\n describe: 'the URL to make an HTTP request to'\n })\n },\n function (argv) {\n console.log(argv.url)\n }\n )\n .help()\n .argv\n```\n\n### Positional Arguments\n\nCommands can accept _optional_ and _required_ positional arguments. Required\npositional arguments take the form ``, and optional arguments\ntake the form `[bar]`. The parsed positional arguments will be populated in\n`argv`:\n\n```js\nyargs.command('get [proxy]', 'make a get HTTP request')\n .help()\n .argv\n```\n\n### Providing a Command Module\n\nFor complicated commands you can pull the logic into a module. A module\nsimply needs to export:\n\n* `exports.builder`: which describes the options that a command accepts.\n* `exports.handler`: a function which will be passed the parsed argv.\n\n```js\n// my-module.js\nexports.builder = {\n banana: {\n default: 'cool'\n },\n batman: {\n default: 'sad'\n }\n}\n\nexports.handler = function (argv) {\n // do something with argv.\n}\n```\n\nYou then register the module like so:\n\n```js\nyargs.command('get [proxy]', 'make a get HTTP request', require('my-module'))\n .help()\n .argv\n```\n\n.completion(cmd, [description], [fn]);\n-------------\n\nEnable bash-completion shortcuts for commands and options.\n\n`cmd`: When present in `argv._`, will result in the `.bashrc` completion script\nbeing outputted. To enable bash completions, concat the generated script to your\n`.bashrc` or `.bash_profile`.\n\n`description`: Provide a description in your usage instructions for the command\nthat generates bash completion scripts.\n\n`fn`: Rather than relying on yargs' default completion functionality, which\nshiver me timbers is pretty awesome, you can provide your own completion\nmethod.\n\n```js\nvar argv = require('yargs')\n .completion('completion', function(current, argv) {\n // 'current' is the current command being completed.\n // 'argv' is the parsed arguments so far.\n // simply return an array of completions.\n return [\n 'foo',\n 'bar'\n ];\n })\n .argv;\n```\n\nYou can also provide asynchronous completions.\n\n```js\nvar argv = require('yargs')\n .completion('completion', function(current, argv, done) {\n setTimeout(function() {\n done([\n 'apple',\n 'banana'\n ]);\n }, 500);\n })\n .argv;\n```\n\nBut wait, there's more! You can return an asynchronous promise.\n\n```js\nvar argv = require('yargs')\n .completion('completion', function(current, argv, done) {\n return new Promise(function (resolve, reject) {\n setTimeout(function () {\n resolve(['apple', 'banana'])\n }, 10)\n })\n })\n .argv;\n```\n\n.config(key, [description], [parseFn])\n------------\n\nTells the parser that if the option specified by `key` is passed in, it\nshould be interpreted as a path to a JSON config file. The file is loaded\nand parsed, and its properties are set as arguments.\n\nAn optional `description` can be provided to customize the config (`key`) option\nin the usage string.\n\nAn optional `parseFn` can be used to provide a custom parser. The parsing\nfunction must be synchronous, and should return an object containing\nkey value pairs or an error.\n\n```js\nvar argv = require('yargs')\n .config('settings', function (configPath) {\n return JSON.parse(fs.readFileSync(configPath, 'utf-8'))\n })\n .argv\n```\n\n.count(key)\n------------\n\nInterpret `key` as a boolean flag, but set its parsed value to the number of\nflag occurrences rather than `true` or `false`. Default value is thus `0`.\n\n.default(key, value, [description])\n--------------------\n\nSet `argv[key]` to `value` if no option was specified in `process.argv`.\n\nOptionally `.default()` can take an object that maps keys to default values.\n\nBut wait, there's more! The default value can be a `function` which returns\na value. The name of the function will be used in the usage string:\n\n```js\nvar argv = require('yargs')\n .default('random', function randomValue() {\n return Math.random() * 256;\n }).argv;\n```\n\nOptionally, `description` can also be provided and will take precedence over\ndisplaying the value in the usage instructions:\n\n```js\n.default('timeout', 60000, '(one-minute)')\n```\n\n.demand(key, [msg | boolean])\n------------------------------\n.demand(count, [max], [msg])\n------------------------------\n\nIf `key` is a string, show the usage information and exit if `key` wasn't\nspecified in `process.argv`.\n\nIf `key` is a number, demand at least as many non-option arguments, which show\nup in `argv._`. A second number can also optionally be provided, which indicates\nthe maximum number of non-option arguments.\n\nIf `key` is an array, demand each element.\n\nIf a `msg` string is given, it will be printed when the argument is missing,\ninstead of the standard error message. This is especially helpful for the non-option arguments in `argv._`.\n\nIf a `boolean` value is given, it controls whether the option is demanded;\nthis is useful when using `.options()` to specify command line parameters.\n\nA combination of `.demand(1)` and `.strict()` will allow you to require a user to pass at least one command:\n\n```js\nvar argv = require('yargs')\n .command('install', 'tis a mighty fine package to install')\n .demand(1)\n .strict()\n .argv\n```\n\nSimilarly, you can require a command and arguments at the same time:\n\n```js\nvar argv = require('yargs')\n .command('install', 'tis a mighty fine package to install')\n .demand(1, ['w', 'm'])\n .strict()\n .argv\n```\n\n.describe(key, desc)\n--------------------\n\nDescribe a `key` for the generated usage information.\n\nOptionally `.describe()` can take an object that maps keys to descriptions.\n\n.detectLocale(boolean)\n-----------\n\nShould yargs attempt to detect the os' locale? Defaults to `true`.\n\n.env([prefix])\n--------------\n\nTell yargs to parse environment variables matching the given prefix and apply\nthem to argv as though they were command line arguments.\n\nIf this method is called with no argument or with an empty string or with `true`,\nthen all env vars will be applied to argv.\n\nProgram arguments are defined in this order of precedence:\n\n1. Command line args\n2. Config file\n3. Env var\n4. Configured defaults\n\n```js\nvar argv = require('yargs')\n .env('MY_PROGRAM')\n .option('f', {\n alias: 'fruit-thing',\n default: 'apple'\n })\n .argv\nconsole.log(argv)\n```\n\n```\n$ node fruity.js\n{ _: [],\n f: 'apple',\n 'fruit-thing': 'apple',\n fruitThing: 'apple',\n '$0': 'fruity.js' }\n```\n\n```\n$ MY_PROGRAM_FRUIT_THING=banana node fruity.js\n{ _: [],\n fruitThing: 'banana',\n f: 'banana',\n 'fruit-thing': 'banana',\n '$0': 'fruity.js' }\n```\n\n```\n$ MY_PROGRAM_FRUIT_THING=banana node fruity.js -f cat\n{ _: [],\n f: 'cat',\n 'fruit-thing': 'cat',\n fruitThing: 'cat',\n '$0': 'fruity.js' }\n```\n\nEnv var parsing is disabled by default, but you can also explicitly disable it\nby calling `.env(false)`, e.g. if you need to undo previous configuration.\n\n.epilog(str)\n------------\n.epilogue(str)\n--------------\n\nA message to print at the end of the usage instructions, e.g.\n\n```js\nvar argv = require('yargs')\n .epilogue('for more information, find our manual at http://example.com');\n```\n\n.example(cmd, desc)\n-------------------\n\nGive some example invocations of your program. Inside `cmd`, the string\n`$0` will get interpolated to the current script name or node command for the\npresent script similar to how `$0` works in bash or perl.\nExamples will be printed out as part of the help message.\n\n.exitProcess(enable)\n----------------------------------\n\nBy default, yargs exits the process when the user passes a help flag, uses the\n`.version` functionality, or when validation fails. Calling\n`.exitProcess(false)` disables this behavior, enabling further actions after\nyargs have been validated.\n\n.fail(fn)\n---------\n\nMethod to execute when a failure occurs, rather than printing the failure message.\n\n`fn` is called with the failure message that would have been printed.\n\n.global(globals)\n------------\n\nIndicate that an option (or group of options) should not be reset when a command\nis executed, as an example:\n\n```js\nvar argv = require('yargs')\n .option('a', {\n alias: 'all',\n default: true\n })\n .option('n', {\n alias: 'none',\n default: true\n })\n .command('foo', 'foo command', function (yargs) {\n return yargs.option('b', {\n alias: 'bar'\n })\n })\n .help('help')\n .global('a')\n .argv\n```\n\nIf the `foo` command is executed the `all` option will remain, but the `none`\noption will have been eliminated.\n\n`help`, `version`, and `completion` options default to being global.\n\n.group(key(s), groupName)\n--------------------\n\nGiven a key, or an array of keys, places options under an alternative heading\nwhen displaying usage instructions, e.g.,\n\n```js\nvar yargs = require('yargs')(['--help'])\n .help()\n .group('batman', 'Heroes:')\n .describe('batman', \"world's greatest detective\")\n .wrap(null)\n .argv\n```\n***\n Heroes:\n --batman world's greatest detective\n\n Options:\n --help Show help [boolean]\n\n.help([option, [description]])\n------------------------------\n\nAdd an option (e.g. `--help`) that displays the usage string and exits the\nprocess. If present, the `description` parameter customizes the description of\nthe help option in the usage string.\n\nIf invoked without parameters, `.help()` will make `--help` the option to trigger\nhelp output.\n\nExample:\n\n```js\nvar yargs = require(\"yargs\")['--help']\n .usage(\"$0 -operand1 number -operand2 number -operation [add|subtract]\");\n .help()\n```\n\nLater on, `argv` can be retrieved with `yargs.argv`.\n\n.implies(x, y)\n--------------\n\nGiven the key `x` is set, it is required that the key `y` is set.\n\nOptionally `.implies()` can accept an object specifying multiple implications.\n\n.locale()\n---------\n\nReturn the locale that yargs is currently using.\n\nBy default, yargs will auto-detect the operating system's locale so that\nyargs-generated help content will display in the user's language.\n\nTo override this behavior with a static locale, pass the desired locale as a\nstring to this method (see below).\n\n.locale(locale)\n---------------\n\nOverride the auto-detected locale from the user's operating system with a static\nlocale. Note that the OS locale can be modified by setting/exporting the `LC_ALL`\nenvironment variable.\n\n```js\nvar argv = require('yargs')\n .usage('./$0 - follow ye instructions true')\n .option('option', {\n alias: 'o',\n describe: \"'tis a mighty fine option\",\n demand: true\n })\n .command('run', \"Arrr, ya best be knowin' what yer doin'\")\n .example('$0 run foo', \"shiver me timbers, here's an example for ye\")\n .help('help')\n .wrap(70)\n .locale('pirate')\n .argv\n```\n\n***\n\n```shell\n./test.js - follow ye instructions true\n\nChoose yer command:\n run Arrr, ya best be knowin' what yer doin'\n\nOptions for me hearties!\n --option, -o 'tis a mighty fine option [requi-yar-ed]\n --help Parlay this here code of conduct [boolean]\n\nEx. marks the spot:\n test.js run foo shiver me timbers, here's an example for ye\n\nYe be havin' to set the followin' argument land lubber: option\n```\n\nLocales currently supported:\n\n* **de:** German.\n* **en:** American English.\n* **es:** Spanish.\n* **fr:** French.\n* **id:** Indonesian.\n* **ja:** Japanese.\n* **ko:** Korean.\n* **nb:** Norwegian Bokmål.\n* **pirate:** American Pirate.\n* **pt:** Portuguese.\n* **pt_BR:** Brazilian Portuguese.\n* **tr:** Turkish.\n* **zh:** Chinese.\n\nTo submit a new translation for yargs:\n\n1. use `./locales/en.json` as a starting point.\n2. submit a pull request with the new locale file.\n\n*The [Microsoft Terminology Search](http://www.microsoft.com/Language/en-US/Search.aspx) can be useful for finding the correct terminology in your locale.*\n\n.nargs(key, count)\n-----------\n\nThe number of arguments that should be consumed after a key. This can be a\nuseful hint to prevent parsing ambiguity. For example:\n\n```js\nvar argv = require('yargs')\n .nargs('token', 1)\n .parse(['--token', '-my-token']);\n```\n\nparses as:\n\n`{ _: [], token: '-my-token', '$0': 'node test' }`\n\nOptionally `.nargs()` can take an object of `key`/`narg` pairs.\n\n.normalize(key)\n---------------\n\nThe key provided represents a path and should have `path.normalize()` applied.\n\n.option(key, opt)\n-----------------\n.options(key, opt)\n------------------\n\nInstead of chaining together `.alias().demand().default().describe().string()`, you can specify\nkeys in `opt` for each of the chainable methods.\n\nFor example:\n\n````javascript\nvar argv = require('yargs')\n .option('f', {\n alias: 'file',\n demand: true,\n default: '/etc/passwd',\n describe: 'x marks the spot',\n type: 'string'\n })\n .argv\n;\n````\n\nis the same as\n\n````javascript\nvar argv = require('yargs')\n .alias('f', 'file')\n .demand('f')\n .default('f', '/etc/passwd')\n .describe('f', 'x marks the spot')\n .string('f')\n .argv\n;\n````\n\nOptionally `.options()` can take an object that maps keys to `opt` parameters.\n\n````javascript\nvar argv = require('yargs')\n .options({\n 'f': {\n alias: 'file',\n demand: true,\n default: '/etc/passwd',\n describe: 'x marks the spot',\n type: 'string'\n }\n })\n .argv\n;\n````\n\nValid `opt` keys include:\n\n- `alias`: string or array of strings, alias(es) for the canonical option key, see [`alias()`](#alias)\n- `array`: boolean, interpret option as an array, see [`array()`](#array)\n- `boolean`: boolean, interpret option as a boolean flag, see [`boolean()`](#boolean)\n- `choices`: value or array of values, limit valid option arguments to a predefined set, see [`choices()`](#choices)\n- `config`: boolean, interpret option as a path to a JSON config file, see [`config()`](#config)\n- `configParser`: function, provide a custom config parsing function, see [`config()`](#config)\n- `count`: boolean, interpret option as a count of boolean flags, see [`count()`](#count)\n- `default`: value, set a default value for the option, see [`default()`](#default)\n- `defaultDescription`: string, use this description for the default value in help content, see [`default()`](#default)\n- `demand`/`require`/`required`: boolean or string, demand the option be given, with optional error message, see [`demand()`](#demand)\n- `desc`/`describe`/`description`: string, the option description for help content, see [`describe()`](#describe)\n- `global`: boolean, indicate that this key should not be [reset](#reset) when a command is invoked, see [`global()`](#global)\n- `group`: string, when displaying usage instructions place the option under an alternative group heading, see [`group()`](#group)\n- `nargs`: number, specify how many arguments should be consumed for the option, see [`nargs()`](#nargs)\n- `normalize`: The option should be normalized, see [`normalize()`](#normalize)\n- `requiresArg`: boolean, require the option be specified with a value, see [`requiresArg()`](#requiresArg)\n- `string`: boolean, interpret option as a string, see [`string()`](#string)\n- `number`: number, keys are treated as numbers, [`number()`](#number)\n- `type`: one of the following strings\n - `'array'`: synonymous for `array: true`, see [`array()`](#array)\n - `'boolean'`: synonymous for `boolean: true`, see [`boolean()`](#boolean)\n - `'count'`: synonymous for `count: true`, see [`count()`](#count)\n - `'string'`: synonymous for `string: true`, see [`string()`](#string)\n - `'number'`: synonymous for `number: true`, see [`number()`](#number)\n\n.parse(args)\n------------\n\nParse `args` instead of `process.argv`. Returns the `argv` object.\n\n`args` may either be a pre-processed argv array, or a raw argument string.\n\n.pkgConf(key, [cwd])\n------------\n\nSimilar to [`config()`](#config), indicates that yargs should read\ndefault argument values from the specified key in package.json.\n\n`cwd` can optionally be provided, the package.json will be read\nfrom this location.\n\n.require(key, [msg | boolean])\n------------------------------\n.required(key, [msg | boolean])\n------------------------------\n\nAn alias for [`demand()`](#demand). See docs there.\n\n.requiresArg(key)\n-----------------\n\nSpecifies either a single option key (string), or an array of options that\nmust be followed by option values. If any option value is missing, show the\nusage information and exit.\n\nThe default behavior is to set the value of any key not followed by an\noption value to `true`.\n\n.reset()\n--------\n\nReset the argument object built up so far. This is useful for\ncreating nested command line interfaces. Use [global](#global)\nto specify keys that should not be reset.\n\n```js\nvar yargs = require('yargs')\n .usage('$0 command')\n .command('hello', 'hello command')\n .command('world', 'world command')\n .demand(1, 'must provide a valid command'),\n argv = yargs.argv,\n command = argv._[0];\n\nif (command === 'hello') {\n yargs.reset()\n .usage('$0 hello')\n .help('h')\n .example('$0 hello', 'print the hello message!')\n .argv\n\n console.log('hello!');\n} else if (command === 'world'){\n yargs.reset()\n .usage('$0 world')\n .help('h')\n .example('$0 world', 'print the world message!')\n .argv\n\n console.log('world!');\n} else {\n yargs.showHelp();\n}\n```\n\n.showCompletionScript()\n----------------------\n\nGenerate a bash completion script. Users of your application can install this\nscript in their `.bashrc`, and yargs will provide completion shortcuts for\ncommands and options.\n\n.showHelp(consoleLevel='error')\n---------------------------\n\nPrint the usage data using the [`console`](https://nodejs.org/api/console.html) function `consoleLevel` for printing.\n\nExample:\n\n```js\nvar yargs = require(\"yargs\")\n .usage(\"$0 -operand1 number -operand2 number -operation [add|subtract]\");\nyargs.showHelp(); //prints to stderr using console.error()\n```\n\nOr, to print the usage data to `stdout` instead, you can specify the use of `console.log`:\n\n```js\nyargs.showHelp(\"log\"); //prints to stdout using console.log()\n```\n\nLater on, `argv` can be retrieved with `yargs.argv`.\n\n.showHelpOnFail(enable, [message])\n----------------------------------\n\nBy default, yargs outputs a usage string if any error is detected. Use the\n`.showHelpOnFail()` method to customize this behavior. If `enable` is `false`,\nthe usage string is not output. If the `message` parameter is present, this\nmessage is output after the error message.\n\nline_count.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .usage('Count the lines in a file.\\nUsage: $0 -f ')\n .demand('f')\n .alias('f', 'file')\n .describe('f', 'Load a file')\n .string('f')\n .showHelpOnFail(false, 'Specify --help for available options')\n .help('help')\n .argv;\n\n// etc.\n````\n\n***\n\n```\n$ node line_count.js\nMissing argument value: f\n\nSpecify --help for available options\n```\n\n.strict()\n---------\n\nAny command-line argument given that is not demanded, or does not have a\ncorresponding description, will be reported as an error.\n\n.string(key)\n------------\n\nTell the parser logic not to interpret `key` as a number or boolean.\nThis can be useful if you need to preserve leading zeros in an input.\n\nIf `key` is an array, interpret all the elements as strings.\n\n`.string('_')` will result in non-hyphenated arguments being interpreted as strings,\nregardless of whether they resemble numbers.\n\n.number([key])\n------------\nSpecify options with a numeric argument.\n\nIf an argument is not provided with the option, will return `undefined`.\n\nIf a non-numeric argument is provided, will return a `NaN`.\n\n```js\nvar argv = require('yargs')\n .number(['n'])\n .argv\n```\n\n.updateLocale(obj)\n------------------\n.updateStrings(obj)\n------------------\n\nOverride the default strings used by yargs with the key/value\npairs provided in `obj`:\n\n```js\nvar argv = require('yargs')\n .command('run', 'the run command')\n .help('help')\n .updateStrings({\n 'Commands:': 'My Commands -->\\n'\n })\n .wrap(null)\n .argv\n```\n\n***\n\n```shell\nMy Commands -->\n\n run the run command\n\nOptions:\n --help Show help [boolean]\n```\n\nIf you explicitly specify a `locale()`, you should do so *before* calling\n`updateStrings()`.\n\n.usage(message, [opts])\n---------------------\n\nSet a usage message to show which commands to use. Inside `message`, the string\n`$0` will get interpolated to the current script name or node command for the\npresent script similar to how `$0` works in bash or perl.\n\n`opts` is optional and acts like calling `.options(opts)`.\n\n.version([option], [description], [version])\n----------------------------------------\n\nAdd an option (e.g. `--version`) that displays the version number (given by the\n`version` parameter) and exits the process.\n\nIf no arguments are passed to `version` (`.version()`), yargs will parse the `package.json`\nof your module and use its `version` value. The default value of `option` is `--version`.\n\nYou can provide a `function` for version, rather than a string.\nThis is useful if you want to use a version stored in a location other than package.json:\n\n```js\nvar argv = require('yargs')\n .version(function() {\n return require('../lib/version').version;\n })\n .argv;\n```\n\n.wrap(columns)\n--------------\n\nFormat usage output to wrap at `columns` many columns.\n\nBy default wrap will be set to `Math.min(80, windowWidth)`. Use `.wrap(null)` to\nspecify no column limit (no right-align). Use `.wrap(yargs.terminalWidth())` to\nmaximize the width of yargs' usage instructions.\n\nparsing tricks\n==============\n\nstop parsing\n------------\n\nUse `--` to stop parsing flags and stuff the remainder into `argv._`.\n\n $ node examples/reflect.js -a 1 -b 2 -- -c 3 -d 4\n { _: [ '-c', '3', '-d', '4' ],\n a: 1,\n b: 2,\n '$0': 'examples/reflect.js' }\n\nnegate fields\n-------------\n\nIf you want to explicitly set a field to false instead of just leaving it\nundefined or to override a default you can do `--no-key`.\n\n $ node examples/reflect.js -a --no-b\n { _: [], a: true, b: false, '$0': 'examples/reflect.js' }\n\nnumbers\n-------\n\nEvery argument that looks like a number (`!isNaN(Number(arg))`) is converted to\none. This way you can just `net.createConnection(argv.port)` and you can add\nnumbers out of `argv` with `+` without having that mean concatenation,\nwhich is super frustrating.\n\nduplicates\n----------\n\nIf you specify a flag multiple times it will get turned into an array containing\nall the values in order.\n\n $ node examples/reflect.js -x 5 -x 8 -x 0\n { _: [], x: [ 5, 8, 0 ], '$0': 'examples/reflect.js' }\n\ndot notation\n------------\n\nWhen you use dots (`.`s) in argument names, an implicit object path is assumed.\nThis lets you organize arguments into nested objects.\n\n $ node examples/reflect.js --foo.bar.baz=33 --foo.quux=5\n { _: [],\n foo: { bar: { baz: 33 }, quux: 5 },\n '$0': 'examples/reflect.js' }\n\nshort numbers\n-------------\n\nShort numeric `-n5` style arguments work too:\n\n $ node examples/reflect.js -n123 -m456\n { _: [], n: 123, m: 456, '$0': 'examples/reflect.js' }\n\ninstallation\n============\n\nWith [npm](https://github.com/npm/npm), just do:\n\n npm install yargs\n\nor clone this project on github:\n\n git clone http://github.com/bcoe/yargs.git\n\nTo run the tests with npm, just do:\n\n npm test\n\nconfiguration\n=============\n\nUsing the `yargs` stanza in your `package.json` you can turn on and off\nsome of yargs' parsing features:\n\n```json\n{\n \"yargs\": {\n \"short-option-groups\": true,\n \"camel-case-expansion\": true,\n \"dot-notation\": true,\n \"parse-numbers\": true,\n \"boolean-negation\": true\n }\n}\n```\n\nSee the [yargs-parser](https://github.com/yargs/yargs-parser#configuration) module\nfor detailed documentation of this feature.\n\ninspired by\n===========\n\nThis module is loosely inspired by Perl's\n[Getopt::Casual](http://search.cpan.org/~photo/Getopt-Casual-0.13.1/Casual.pm).\n\n[travis-url]: https://travis-ci.org/bcoe/yargs\n[travis-image]: https://img.shields.io/travis/bcoe/yargs.svg\n[gemnasium-url]: https://gemnasium.com/bcoe/yargs\n[gemnasium-image]: https://img.shields.io/gemnasium/bcoe/yargs.svg\n[coveralls-url]: https://coveralls.io/github/bcoe/yargs\n[coveralls-image]: https://img.shields.io/coveralls/bcoe/yargs.svg\n[npm-url]: https://www.npmjs.com/package/yargs\n[npm-image]: https://img.shields.io/npm/v/yargs.svg\n[windows-url]: https://ci.appveyor.com/project/bcoe/yargs\n[windows-image]: https://img.shields.io/appveyor/ci/bcoe/yargs/master.svg?label=Windows%20Tests\n[standard-image]: https://img.shields.io/badge/code%20style-standard-brightgreen.svg\n[standard-url]: http://standardjs.com/\n", + "readmeFilename": "README.md", + "_dependencies": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs", + "error": "[Circular]", + "extraneous": false + } + }, + "deprecated": false, + "description": "Generates bundledDependencies package.json value using values of the dependencies property.", + "devDependencies": { + "pragmatist": "^3.0.9" + }, + "homepage": "https://github.com/gajus/bundle-dependencies#readme", + "keywords": [ + "npm", + "bundle", + "dependencies" + ], + "license": "BSD-3-Clause", + "main": "./dist/index.js", + "name": "bundle-dependencies", + "repository": { + "type": "git", + "url": "git+https://github.com/gajus/bundle-dependencies.git" + }, + "scripts": { + "build": "npm run pragmatist build", + "lint": "npm run pragmatist lint", + "pragmatist": "pragmatist --es5", + "test": "", + "watch": "npm run pragmatist watch", + "watch-build": "npm run pragmatist watch-build", + "watch-lint": "npm run pragmatist watch-lint", + "watch-test": "" + }, + "version": "1.0.2", + "readme": "# bundle-dependencies\n\n[![NPM version](http://img.shields.io/npm/v/bundle-dependencies.svg?style=flat-square)](https://www.npmjs.org/package/bundle-dependencies)\n[![Travis build status](http://img.shields.io/travis/gajus/bundle-dependencies/master.svg?style=flat-square)](https://travis-ci.org/gajus/bundle-dependencies)\n[![js-canonical-style](https://img.shields.io/badge/code%20style-canonical-blue.svg?style=flat-square)](https://github.com/gajus/canonical)\n\nGenerates [`bundledDependencies`](https://docs.npmjs.com/files/package.json#bundleddependencies) `package.json` value using values of the dependencies property. Updates `package.json` definition using the generated `bundledDependencies` value.\n\n## Install\n\n```sh\nnpm install bundle-dependencies\n```\n\nAdd to `package.json`:\n\n```json\n{\n \"scripts\": {\n \"bundle-dependencies\": \"bundle-dependencies\"\n }\n}\n```\n\n## Options\n\n```sh\nbundle-dependencies --help\n```\n\n```\nCommands:\n list-bundled-dependencies Lists names of bundled dependencies.\n update Updates package.json bundledDependencies\n definition.\n\nOptions:\n --help Show help [boolean]\n```\n\n```sh\nbundle-dependencies update --help\n```\n\n```\nOptions:\n --help Show help [boolean]\n --exclude A space-separated list of dependencies not to include in the\n bundledDependencies definition. [array] [default: []]\n```\n\n## Usage\n\nTo simply update `bundledDependencies` of the `package.json` in the current working directory, execute the script:\n\n```sh\nnpm run bundle-dependencies update\n```\n\n## Publishing\n\nWhen publishing a package using `bundledDependencies` property, make sure that your `nodu_modules/` directory includes only bundled dependencies, i.e. the module must be install using `npm install --production [list of bundled dependencies]`. Use this script to do it:\n\n```json\n{\n \"bundle-publish\": \"npm run bundle-dependencies update; git commit -m 'Bundled dependencies.' ./package.json; git push; rm -fr ./node_modules; npm install --production $(bundle-dependencies list-bundled-dependencies); npm dedupe; npm prune; npm publish; npm install;\"\n}\n```\n", + "readmeFilename": "README.md", + "_args": [ + [ + "bundle-dependencies@1.0.2", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project" + ] + ], + "optionalDependencies": {}, + "_dependencies": { + "yargs": "^4.1.0" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies", + "error": "[Circular]", + "extraneous": false + } + }, + "readme": "ERROR: No README data found!", + "_id": "demo-bundled-deps@0.0.0", + "_shrinkwrap": { + "name": "demo-bundled-deps", + "version": "0.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "bundle-dependencies": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "requires": { + "yargs": "^4.1.0" + }, + "dependencies": { + "ansi-regex": { + "version": "2.0.0", + "bundled": true + }, + "builtin-modules": { + "version": "1.1.1", + "bundled": true + }, + "camelcase": { + "version": "2.1.0", + "bundled": true + }, + "cliui": { + "version": "3.1.0", + "bundled": true, + "requires": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + } + }, + "code-point-at": { + "version": "1.0.0", + "bundled": true, + "requires": { + "number-is-nan": "^1.0.0" + } + }, + "decamelize": { + "version": "1.1.2", + "bundled": true, + "requires": { + "escape-string-regexp": "^1.0.4" + } + }, + "error-ex": { + "version": "1.3.0", + "bundled": true, + "requires": { + "is-arrayish": "^0.2.1" + } + }, + "escape-string-regexp": { + "version": "1.0.5", + "bundled": true + }, + "find-up": { + "version": "1.1.0", + "bundled": true, + "requires": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + } + }, + "graceful-fs": { + "version": "4.1.3", + "bundled": true + }, + "hosted-git-info": { + "version": "2.1.4", + "bundled": true + }, + "invert-kv": { + "version": "1.0.0", + "bundled": true + }, + "is-arrayish": { + "version": "0.2.1", + "bundled": true + }, + "is-builtin-module": { + "version": "1.0.0", + "bundled": true, + "requires": { + "builtin-modules": "^1.0.0" + } + }, + "is-fullwidth-code-point": { + "version": "1.0.0", + "bundled": true, + "requires": { + "number-is-nan": "^1.0.0" + } + }, + "is-utf8": { + "version": "0.2.1", + "bundled": true + }, + "lcid": { + "version": "1.0.0", + "bundled": true, + "requires": { + "invert-kv": "^1.0.0" + } + }, + "load-json-file": { + "version": "1.1.0", + "bundled": true, + "requires": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + } + }, + "lodash.assign": { + "version": "4.0.3", + "bundled": true, + "requires": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + } + }, + "lodash.keys": { + "version": "4.0.3", + "bundled": true + }, + "lodash.rest": { + "version": "4.0.1", + "bundled": true + }, + "normalize-package-data": { + "version": "2.3.5", + "bundled": true, + "requires": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + } + }, + "number-is-nan": { + "version": "1.0.0", + "bundled": true + }, + "object-assign": { + "version": "4.0.1", + "bundled": true + }, + "os-locale": { + "version": "1.4.0", + "bundled": true, + "requires": { + "lcid": "^1.0.0" + } + }, + "parse-json": { + "version": "2.2.0", + "bundled": true, + "requires": { + "error-ex": "^1.2.0" + } + }, + "path-exists": { + "version": "2.1.0", + "bundled": true, + "requires": { + "pinkie-promise": "^2.0.0" + } + }, + "path-type": { + "version": "1.1.0", + "bundled": true, + "requires": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + } + }, + "pify": { + "version": "2.3.0", + "bundled": true + }, + "pinkie": { + "version": "2.0.4", + "bundled": true + }, + "pinkie-promise": { + "version": "2.0.0", + "bundled": true, + "requires": { + "pinkie": "^2.0.0" + } + }, + "pkg-conf": { + "version": "1.1.1", + "bundled": true, + "requires": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + } + }, + "read-pkg": { + "version": "1.1.0", + "bundled": true, + "requires": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + } + }, + "read-pkg-up": { + "version": "1.0.1", + "bundled": true, + "requires": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + } + }, + "require-main-filename": { + "version": "1.0.1", + "bundled": true + }, + "semver": { + "version": "5.1.0", + "bundled": true + }, + "spdx-correct": { + "version": "1.0.2", + "bundled": true, + "requires": { + "spdx-license-ids": "^1.0.2" + } + }, + "spdx-exceptions": { + "version": "1.0.4", + "bundled": true + }, + "spdx-expression-parse": { + "version": "1.0.2", + "bundled": true, + "requires": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + } + }, + "spdx-license-ids": { + "version": "1.2.0", + "bundled": true + }, + "string-width": { + "version": "1.0.1", + "bundled": true, + "requires": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + } + }, + "strip-ansi": { + "version": "3.0.1", + "bundled": true, + "requires": { + "ansi-regex": "^2.0.0" + } + }, + "strip-bom": { + "version": "2.0.0", + "bundled": true, + "requires": { + "is-utf8": "^0.2.0" + } + }, + "symbol": { + "version": "0.2.1", + "bundled": true + }, + "validate-npm-package-license": { + "version": "3.0.1", + "bundled": true, + "requires": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + } + }, + "window-size": { + "version": "0.2.0", + "bundled": true + }, + "wrap-ansi": { + "version": "1.0.0", + "bundled": true, + "requires": { + "string-width": "^1.0.1" + } + }, + "y18n": { + "version": "3.2.0", + "bundled": true + }, + "yargs": { + "version": "4.1.0", + "bundled": true, + "requires": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + } + }, + "yargs-parser": { + "version": "2.1.0", + "bundled": true, + "requires": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + } + } + } + } + } + }, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": { + "bundle-dependencies": "1.0.2" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "error": "[Circular]", + "extraneous": false +} diff --git a/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm6_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm6_node22_windows-latest.json new file mode 100644 index 00000000..65f1e629 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm6_node22_windows-latest.json @@ -0,0 +1,6759 @@ +{ + "name": "demo-bundled-deps", + "private": true, + "version": "0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "license": "Apache-2.0", + "dependencies": { + "bundle-dependencies": { + "_from": "bundle-dependencies@1.0.2", + "_id": "bundle-dependencies@1.0.2", + "_integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "_location": "/bundle-dependencies", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "bundle-dependencies@1.0.2", + "name": "bundle-dependencies", + "escapedName": "bundle-dependencies", + "rawSpec": "1.0.2", + "saveSpec": null, + "fetchSpec": "1.0.2" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "_shasum": "9a5e4fa98cc7eaacf76215ee41361d1d580368a9", + "_spec": "1.0.2", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Gajus Kuizinas", + "email": "gajus@gajus.com", + "url": "http://gajus.com" + }, + "bin": { + "bundle-dependencies": "dist/bin/index.js" + }, + "bugs": { + "url": "https://github.com/gajus/bundle-dependencies/issues" + }, + "bundleDependencies": [ + "yargs" + ], + "dependencies": { + "yargs": { + "_args": [ + [ + "yargs@^4.1.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies" + ], + [ + "yargs@4.1.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "yargs@>=4.1.0 <5.0.0", + "_id": "yargs@4.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/yargs", + "_nodeVersion": "3.2.0", + "_npmOperationalInternal": { + "host": "packages-5-east.internal.npmjs.com", + "tmp": "tmp/yargs-4.1.0.tgz_1455554454146_0.05233815615065396" + }, + "_npmUser": { + "email": "ben@npmjs.com", + "name": "bcoe" + }, + "_npmVersion": "3.3.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "yargs@4.1.0", + "name": "yargs", + "escapedName": "yargs", + "rawSpec": "4.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "4.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies" + ], + "_resolved": "https://registry.npmjs.org/yargs/-/yargs-4.1.0.tgz", + "_shasum": "035e5ea466ac7fea584b00353e33eae4082b9894", + "_shrinkwrap": "[Circular]", + "_spec": "4.1.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "bugs": { + "url": "https://github.com/bcoe/yargs/issues" + }, + "dependencies": { + "camelcase": { + "_args": [ + [ + "camelcase@^2.0.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "camelcase@2.1.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "camelcase@>=2.0.1 <3.0.0", + "_id": "camelcase@2.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/camelcase", + "_nodeVersion": "4.2.4", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "3.6.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "camelcase@2.1.0", + "name": "camelcase", + "escapedName": "camelcase", + "rawSpec": "2.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs", + "/bundle-dependencies/yargs-parser" + ], + "_resolved": "https://registry.npmjs.org/camelcase/-/camelcase-2.1.0.tgz", + "_shasum": "533ad4cd7f8a1080ded31aba6c79b4bf437ff30c", + "_shrinkwrap": "[Circular]", + "_spec": "2.1.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "http://sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/camelcase/issues" + }, + "dependencies": {}, + "description": "Convert a dash/dot/underscore/space separated string to camelCase: foo-bar → fooBar", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "533ad4cd7f8a1080ded31aba6c79b4bf437ff30c", + "tarball": "http://registry.npmjs.org/camelcase/-/camelcase-2.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "9b73ccb3f48ab86eccb136c155f0eb2e67f40dc3", + "homepage": "https://github.com/sindresorhus/camelcase#readme", + "keywords": [ + "camelcase", + "camel-case", + "camel", + "case", + "dash", + "hyphen", + "dot", + "underscore", + "separator", + "string", + "text", + "convert" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "camelcase", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/camelcase.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "2.1.0", + "readme": "# camelcase [![Build Status](https://travis-ci.org/sindresorhus/camelcase.svg?branch=master)](https://travis-ci.org/sindresorhus/camelcase)\n\n> Convert a dash/dot/underscore/space separated string to camelCase: `foo-bar` → `fooBar`\n\n\n## Install\n\n```\n$ npm install --save camelcase\n```\n\n\n## Usage\n\n```js\nconst camelCase = require('camelcase');\n\ncamelCase('foo-bar');\n//=> 'fooBar'\n\ncamelCase('foo_bar');\n//=> 'fooBar'\n\ncamelCase('Foo-Bar');\n//=> 'fooBar'\n\ncamelCase('--foo.bar');\n//=> 'fooBar'\n\ncamelCase('__foo__bar__');\n//=> 'fooBar'\n\ncamelCase('foo bar');\n//=> 'fooBar'\n\nconsole.log(process.argv[3]);\n//=> '--foo-bar'\ncamelCase(process.argv[3]);\n//=> 'fooBar'\n\ncamelCase('foo', 'bar');\n//=> 'fooBar'\n\ncamelCase('__foo__', '--bar');\n//=> 'fooBar'\n```\n\n\n## Related\n\n- [decamelize](https://github.com/sindresorhus/decamelize) - The inverse of this module\n- [uppercamelcase](https://github.com/SamVerschueren/uppercamelcase) - Like this module, but to PascalCase instead of camelCase\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\camelcase", + "error": "[Circular]", + "extraneous": false + }, + "cliui": { + "_args": [ + [ + "cliui@^3.0.3", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "cliui@3.1.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "cliui@>=3.0.3 <4.0.0", + "_id": "cliui@3.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/cliui", + "_nodeVersion": "0.10.36", + "_npmUser": { + "email": "ben@npmjs.com", + "name": "bcoe" + }, + "_npmVersion": "2.7.5", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "cliui@3.1.0", + "name": "cliui", + "escapedName": "cliui", + "rawSpec": "3.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "3.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/cliui/-/cliui-3.1.0.tgz", + "_shasum": "a3b880308e0a8191721e0081a8c2a8b506d0abf9", + "_shrinkwrap": "[Circular]", + "_spec": "3.1.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Ben Coe", + "email": "ben@npmjs.com" + }, + "bugs": { + "url": "https://github.com/bcoe/cliui/issues" + }, + "config": { + "blanket": { + "data-cover-never": [ + "node_modules", + "test" + ], + "output-reporter": "spec", + "pattern": [ + "index.js" + ] + } + }, + "dependencies": { + "string-width": { + "_args": [ + [ + "string-width@^1.0.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "string-width@1.0.1", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "string-width@>=1.0.1 <2.0.0", + "_id": "string-width@1.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/string-width", + "_nodeVersion": "0.12.5", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "string-width@1.0.1", + "name": "string-width", + "escapedName": "string-width", + "rawSpec": "1.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/cliui", + "/bundle-dependencies/wrap-ansi", + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz", + "_shasum": "c92129b6f1d7f52acf9af424a26e3864a05ceb0a", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.1", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/string-width/issues" + }, + "dependencies": {}, + "description": "Get the visual width of a string - the number of columns required to display it", + "devDependencies": { + "ava": "0.0.4" + }, + "directories": {}, + "dist": { + "shasum": "c92129b6f1d7f52acf9af424a26e3864a05ceb0a", + "tarball": "http://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "f279cfd14835f0a3c8df69ba18e9a3960156e135", + "homepage": "https://github.com/sindresorhus/string-width", + "keywords": [ + "string", + "str", + "character", + "char", + "unicode", + "width", + "visual", + "column", + "columns", + "fullwidth", + "full-width", + "full", + "ansi", + "escape", + "codes", + "cli", + "command-line", + "terminal", + "console", + "cjk", + "chinese", + "japanese", + "korean", + "fixed-width" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "string-width", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/string-width.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.1", + "readme": "# string-width [![Build Status](https://travis-ci.org/sindresorhus/string-width.svg?branch=master)](https://travis-ci.org/sindresorhus/string-width)\n\n> Get the visual width of a string - the number of columns required to display it\n\nSome Unicode characters are [fullwidth](https://en.wikipedia.org/wiki/Halfwidth_and_fullwidth_forms) and use double the normal width.\n\nUseful to be able to measure the actual width of command-line output.\n\n\n## Install\n\n```\n$ npm install --save string-width\n```\n\n\n## Usage\n\n```js\nvar stringWidth = require('string-width');\n\nstringWidth('古');\n//=> 2\n\nstringWidth('\\u001b[1m古\\u001b[22m');\n//=> 2\n\nstringWidth('a');\n//=> 1\n```\n\n\n## Related\n\n- [string-width-cli](https://github.com/sindresorhus/string-width-cli) - CLI for this module\n- [string-length](https://github.com/sindresorhus/string-length) - Get the real length of a string\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\string-width", + "error": "[Circular]", + "extraneous": false, + "_deduped": "node_modules\\bundle-dependencies\\node_modules\\string-width" + }, + "strip-ansi": { + "_args": [ + [ + "strip-ansi@^3.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/cliui" + ], + [ + "strip-ansi@3.0.1", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "strip-ansi@>=3.0.0 <4.0.0", + "_id": "strip-ansi@3.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/strip-ansi", + "_nodeVersion": "0.12.7", + "_npmOperationalInternal": { + "host": "packages-9-west.internal.npmjs.com", + "tmp": "tmp/strip-ansi-3.0.1.tgz_1456057278183_0.28958667791448534" + }, + "_npmUser": { + "email": "jappelman@xebia.com", + "name": "jbnicolai" + }, + "_npmVersion": "2.11.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "strip-ansi@3.0.1", + "name": "strip-ansi", + "escapedName": "strip-ansi", + "rawSpec": "3.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "3.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/cliui", + "/bundle-dependencies/string-width" + ], + "_resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "_shasum": "6a385fb8853d952d5ff05d0e8aaf94278dc63dcf", + "_shrinkwrap": "[Circular]", + "_spec": "3.0.1", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/chalk/strip-ansi/issues" + }, + "dependencies": { + "ansi-regex": { + "_args": [ + [ + "ansi-regex@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/strip-ansi" + ], + [ + "ansi-regex@2.0.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "ansi-regex@>=2.0.0 <3.0.0", + "_id": "ansi-regex@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/ansi-regex", + "_nodeVersion": "0.12.5", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "ansi-regex@2.0.0", + "name": "ansi-regex", + "escapedName": "ansi-regex", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/strip-ansi" + ], + "_resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.0.0.tgz", + "_shasum": "c5061b6e0ef8a81775e50f5d66151bf6bf371107", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/ansi-regex/issues" + }, + "dependencies": {}, + "description": "Regular expression for matching ANSI escape codes", + "devDependencies": { + "mocha": "*" + }, + "directories": {}, + "dist": { + "shasum": "c5061b6e0ef8a81775e50f5d66151bf6bf371107", + "tarball": "http://registry.npmjs.org/ansi-regex/-/ansi-regex-2.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "57c3f2941a73079fa8b081e02a522e3d29913e2f", + "homepage": "https://github.com/sindresorhus/ansi-regex", + "keywords": [ + "ansi", + "styles", + "color", + "colour", + "colors", + "terminal", + "console", + "cli", + "string", + "tty", + "escape", + "formatting", + "rgb", + "256", + "shell", + "xterm", + "command-line", + "text", + "regex", + "regexp", + "re", + "match", + "test", + "find", + "pattern" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + }, + { + "name": "jbnicolai", + "email": "jappelman@xebia.com" + } + ], + "name": "ansi-regex", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/ansi-regex.git" + }, + "scripts": { + "test": "mocha test/test.js", + "view-supported": "node test/viewCodes.js" + }, + "version": "2.0.0", + "readme": "# ansi-regex [![Build Status](https://travis-ci.org/sindresorhus/ansi-regex.svg?branch=master)](https://travis-ci.org/sindresorhus/ansi-regex)\n\n> Regular expression for matching [ANSI escape codes](http://en.wikipedia.org/wiki/ANSI_escape_code)\n\n\n## Install\n\n```\n$ npm install --save ansi-regex\n```\n\n\n## Usage\n\n```js\nvar ansiRegex = require('ansi-regex');\n\nansiRegex().test('\\u001b[4mcake\\u001b[0m');\n//=> true\n\nansiRegex().test('cake');\n//=> false\n\n'\\u001b[4mcake\\u001b[0m'.match(ansiRegex());\n//=> ['\\u001b[4m', '\\u001b[0m']\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\ansi-regex", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Strip ANSI escape codes", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "6a385fb8853d952d5ff05d0e8aaf94278dc63dcf", + "tarball": "http://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "8270705c704956da865623e564eba4875c3ea17f", + "homepage": "https://github.com/chalk/strip-ansi", + "keywords": [ + "strip", + "trim", + "remove", + "ansi", + "styles", + "color", + "colour", + "colors", + "terminal", + "console", + "string", + "tty", + "escape", + "formatting", + "rgb", + "256", + "shell", + "xterm", + "log", + "logging", + "command-line", + "text" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + }, + { + "name": "jbnicolai", + "email": "jappelman@xebia.com" + } + ], + "name": "strip-ansi", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/chalk/strip-ansi.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "3.0.1", + "readme": "# strip-ansi [![Build Status](https://travis-ci.org/chalk/strip-ansi.svg?branch=master)](https://travis-ci.org/chalk/strip-ansi)\n\n> Strip [ANSI escape codes](http://en.wikipedia.org/wiki/ANSI_escape_code)\n\n\n## Install\n\n```\n$ npm install --save strip-ansi\n```\n\n\n## Usage\n\n```js\nvar stripAnsi = require('strip-ansi');\n\nstripAnsi('\\u001b[4mcake\\u001b[0m');\n//=> 'cake'\n```\n\n\n## Related\n\n- [strip-ansi-cli](https://github.com/chalk/strip-ansi-cli) - CLI for this module\n- [has-ansi](https://github.com/chalk/has-ansi) - Check if a string has ANSI escape codes\n- [ansi-regex](https://github.com/chalk/ansi-regex) - Regular expression for matching ANSI escape codes\n- [chalk](https://github.com/chalk/chalk) - Terminal string styling done right\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\strip-ansi", + "error": "[Circular]", + "extraneous": false + }, + "wrap-ansi": { + "_args": [ + [ + "wrap-ansi@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/cliui" + ], + [ + "wrap-ansi@1.0.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "wrap-ansi@>=1.0.0 <2.0.0", + "_id": "wrap-ansi@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/wrap-ansi", + "_nodeVersion": "1.1.0", + "_npmUser": { + "email": "bencoe@gmail.com", + "name": "bcoe" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "wrap-ansi@1.0.0", + "name": "wrap-ansi", + "escapedName": "wrap-ansi", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/cliui" + ], + "_resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-1.0.0.tgz", + "_shasum": "f573bb9ee23cf43891f3362f5f359a1dfa38fc34", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/chalk/wrap-ansi/issues" + }, + "dependencies": { + "string-width": { + "_args": "[Circular]", + "_from": "string-width@>=1.0.1 <2.0.0", + "_id": "string-width@1.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/string-width", + "_nodeVersion": "0.12.5", + "_npmUser": "[Circular]", + "_npmVersion": "2.11.2", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "string-width@1.0.1", + "name": "string-width", + "escapedName": "string-width", + "rawSpec": "1.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.1" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz", + "_shasum": "c92129b6f1d7f52acf9af424a26e3864a05ceb0a", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.1", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Get the visual width of a string - the number of columns required to display it", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "f279cfd14835f0a3c8df69ba18e9a3960156e135", + "homepage": "https://github.com/sindresorhus/string-width", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "string-width", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.0.1", + "readme": "# string-width [![Build Status](https://travis-ci.org/sindresorhus/string-width.svg?branch=master)](https://travis-ci.org/sindresorhus/string-width)\n\n> Get the visual width of a string - the number of columns required to display it\n\nSome Unicode characters are [fullwidth](https://en.wikipedia.org/wiki/Halfwidth_and_fullwidth_forms) and use double the normal width.\n\nUseful to be able to measure the actual width of command-line output.\n\n\n## Install\n\n```\n$ npm install --save string-width\n```\n\n\n## Usage\n\n```js\nvar stringWidth = require('string-width');\n\nstringWidth('古');\n//=> 2\n\nstringWidth('\\u001b[1m古\\u001b[22m');\n//=> 2\n\nstringWidth('a');\n//=> 1\n```\n\n\n## Related\n\n- [string-width-cli](https://github.com/sindresorhus/string-width-cli) - CLI for this module\n- [string-length](https://github.com/sindresorhus/string-length) - Get the real length of a string\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\string-width", + "error": "[Circular]", + "extraneous": false, + "_deduped": "node_modules\\bundle-dependencies\\node_modules\\string-width" + } + }, + "description": "Wordwrap a string with ANSI escape codes", + "devDependencies": { + "ava": "0.0.4", + "chalk": "^1.1.0", + "coveralls": "^2.11.4", + "has-ansi": "^2.0.0", + "nyc": "^3.2.2", + "strip-ansi": "^3.0.0", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "f573bb9ee23cf43891f3362f5f359a1dfa38fc34", + "tarball": "http://registry.npmjs.org/wrap-ansi/-/wrap-ansi-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "c890e95ea671779012fa73fd77b74198e8c5d09b", + "homepage": "https://github.com/chalk/wrap-ansi#readme", + "keywords": [ + "wrap", + "break", + "wordwrap", + "wordbreak", + "linewrap", + "ansi", + "styles", + "color", + "colour", + "colors", + "terminal", + "console", + "cli", + "string", + "tty", + "escape", + "formatting", + "rgb", + "256", + "shell", + "xterm", + "log", + "logging", + "command-line", + "text" + ], + "license": "MIT", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + }, + { + "name": "jbnicolai", + "email": "jappelman@xebia.com" + }, + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "wrap-ansi", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/chalk/wrap-ansi.git" + }, + "scripts": { + "coverage": "nyc --reporter=text-lcov node test.js | coveralls", + "test": "xo && nyc node test.js" + }, + "version": "1.0.0", + "readme": "# wrap-ansi [![Build Status](https://travis-ci.org/chalk/wrap-ansi.svg?branch=master)](https://travis-ci.org/chalk/wrap-ansi) [![Coverage Status](https://coveralls.io/repos/chalk/wrap-ansi/badge.svg?branch=master&service=github)](https://coveralls.io/github/chalk/wrap-ansi?branch=master)\n\n> Wordwrap a string with [ANSI escape codes](http://en.wikipedia.org/wiki/ANSI_escape_code#Colors_and_Styles)\n\n\n## Install\n\n```\n$ npm install --save wrap-ansi\n```\n\n\n## Usage\n\n```js\nconst chalk = require('chalk');\nconst wrapAnsi = require('wrap-ansi');\n\nconst input = 'The quick brown ' + chalk.red('fox jumped over ') +\n\t'the lazy ' + chalk.green('dog and then ran away with the unicorn.');\n\nconsole.log(wrapAnsi(input, 20));\n```\n\n\n\n\n## API\n\n### wrapAnsi(input, columns, [options])\n\nWrap words to the specified column width.\n\n#### input\n\nType: `string`\n\nString with ANSI escape codes. Like one styled by [`chalk`](https://github.com/chalk/chalk).\n\n#### columns\n\nType: `number`\n\nNumber of columns to wrap the text to.\n\n#### options.hard\n\nType: `boolean` \nDefault: `false`\n\nBy default the wrap is soft, meaning long words may extend past the column width. Setting this to `true` will make it hard wrap at the column width.\n\n\n## Related\n\n- [slice-ansi](https://github.com/chalk/slice-ansi) - Slice a string with ANSI escape codes\n- [chalk](https://github.com/chalk/chalk) - Terminal string styling done right\n- [jsesc](https://github.com/mathiasbynens/jsesc) - Generate ASCII-only output from Unicode strings. Useful for creating test fixtures.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "string-width": "^1.0.1" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\wrap-ansi", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "easily create complex multi-column command-line-interfaces", + "devDependencies": { + "chai": "^3.3.0", + "chalk": "^1.1.1", + "coveralls": "^2.11.4", + "mocha": "^2.3.3", + "nyc": "^3.2.2", + "standard": "^5.3.1" + }, + "directories": {}, + "dist": { + "shasum": "a3b880308e0a8191721e0081a8c2a8b506d0abf9", + "tarball": "http://registry.npmjs.org/cliui/-/cliui-3.1.0.tgz" + }, + "gitHead": "c8eb1b4aa6d2efdb5bc4903fb1fa6e9f7f066a72", + "homepage": "https://github.com/bcoe/cliui", + "keywords": [ + "cli", + "command-line", + "layout", + "design", + "console", + "wrap", + "table" + ], + "license": "ISC", + "main": "index.js", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + } + ], + "name": "cliui", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+ssh://git@github.com/bcoe/cliui.git" + }, + "scripts": { + "coverage": "nyc --reporter=text-lcov mocha | coveralls", + "test": "standard && nyc mocha" + }, + "standard": { + "globals": [ + "it" + ], + "ignore": [ + "**/example/**" + ] + }, + "version": "3.1.0", + "readme": "# cliui\n\n[![Build Status](https://travis-ci.org/bcoe/cliui.png)](https://travis-ci.org/bcoe/cliui)\n[![Coverage Status](https://coveralls.io/repos/bcoe/cliui/badge.svg?branch=)](https://coveralls.io/r/bcoe/cliui?branch=)\n[![NPM version](https://img.shields.io/npm/v/cliui.svg)](https://www.npmjs.com/package/cliui)\n\neasily create complex multi-column command-line-interfaces.\n\n## Example\n\n```js\nvar ui = require('cliui')({\n width: 80\n})\n\nui.div('Usage: $0 [command] [options]')\n\nui.div({\n text: 'Options:',\n padding: [2, 0, 2, 0]\n})\n\nui.div(\n {\n text: \"-f, --file\",\n width: 20,\n padding: [0, 4, 0, 4]\n },\n {\n text: \"the file to load.\" +\n chalk.green(\"(if this description is long it wraps).\")\n ,\n width: 20\n },\n {\n text: chalk.red(\"[required]\"),\n align: 'right'\n }\n)\n\nconsole.log(ui.toString())\n```\n\n\n\n## Layout DSL\n\ncliui exposes a simple layout DSL:\n\nIf you create a single `ui.row`, passing a string rather than an\nobject:\n\n* `\\n`: characters will be interpreted as new rows.\n* `\\t`: characters will be interpreted as new columns.\n* `\\s`: characters will be interpreted as padding.\n\n**as an example...**\n\n```js\nvar ui = require('./')({\n width: 60\n})\n\nui.div(\n 'Usage: node ./bin/foo.js\\n' +\n ' \\t provide a regex\\n' +\n ' \\t provide a glob\\t [required]'\n)\n\nconsole.log(ui.toString())\n```\n\n**will output:**\n\n```shell\nUsage: node ./bin/foo.js\n provide a regex\n provide a glob [required]\n```\n\n## Methods\n\n```js\ncliui = require('cliui')\n```\n\n### cliui({width: integer})\n\nSpecify the maximum width of the UI being generated.\n\n### cliui({wrap: boolean})\n\nEnable or disable the wrapping of text in a column.\n\n### cliui.div(column, column, column)\n\nCreate a row with any number of columns, a column\ncan either be a string, or an object with the following\noptions:\n\n* **width:** the width of a column.\n* **align:** alignment, `right` or `center`.\n* **padding:** `[top, right, bottom, left]`.\n* **border:** should a border be placed around the div?\n\n### cliui.span(column, column, column)\n\nSimilar to `div`, except the next row will be appended without\na new line being created.\n", + "readmeFilename": "README.md", + "_dependencies": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\cliui", + "error": "[Circular]", + "extraneous": false + }, + "decamelize": { + "_args": [ + [ + "decamelize@^1.1.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "decamelize@1.1.2", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "decamelize@>=1.1.1 <2.0.0", + "_id": "decamelize@1.1.2", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/decamelize", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "decamelize@1.1.2", + "name": "decamelize", + "escapedName": "decamelize", + "rawSpec": "1.1.2", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.2" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.1.2.tgz", + "_shasum": "dcc93727be209632e98b02718ef4cb79602322f2", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.2", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/decamelize/issues" + }, + "dependencies": { + "escape-string-regexp": { + "_args": [ + [ + "escape-string-regexp@^1.0.4", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/decamelize" + ], + [ + "escape-string-regexp@1.0.5", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "escape-string-regexp@>=1.0.4 <2.0.0", + "_id": "escape-string-regexp@1.0.5", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/escape-string-regexp", + "_nodeVersion": "4.2.6", + "_npmOperationalInternal": { + "host": "packages-9-west.internal.npmjs.com", + "tmp": "tmp/escape-string-regexp-1.0.5.tgz_1456059312074_0.7245344955008477" + }, + "_npmUser": { + "email": "jappelman@xebia.com", + "name": "jbnicolai" + }, + "_npmVersion": "2.14.12", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "escape-string-regexp@1.0.5", + "name": "escape-string-regexp", + "escapedName": "escape-string-regexp", + "rawSpec": "1.0.5", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.5" + }, + "_requiredBy": [ + "/bundle-dependencies/decamelize" + ], + "_resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "_shasum": "1b61c0562190a8dff6ae3bb2cf0200ca130b86d4", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.5", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues" + }, + "dependencies": {}, + "description": "Escape RegExp special characters", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "1b61c0562190a8dff6ae3bb2cf0200ca130b86d4", + "tarball": "http://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz" + }, + "engines": { + "node": ">=0.8.0" + }, + "files": [ + "index.js" + ], + "gitHead": "db124a3e1aae9d692c4899e42a5c6c3e329eaa20", + "homepage": "https://github.com/sindresorhus/escape-string-regexp", + "keywords": [ + "escape", + "regex", + "regexp", + "re", + "regular", + "expression", + "string", + "str", + "special", + "characters" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + }, + { + "name": "jbnicolai", + "email": "jappelman@xebia.com" + } + ], + "name": "escape-string-regexp", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.0.5", + "readme": "# escape-string-regexp [![Build Status](https://travis-ci.org/sindresorhus/escape-string-regexp.svg?branch=master)](https://travis-ci.org/sindresorhus/escape-string-regexp)\n\n> Escape RegExp special characters\n\n\n## Install\n\n```\n$ npm install --save escape-string-regexp\n```\n\n\n## Usage\n\n```js\nconst escapeStringRegexp = require('escape-string-regexp');\n\nconst escapedString = escapeStringRegexp('how much $ for a unicorn?');\n//=> 'how much \\$ for a unicorn\\?'\n\nnew RegExp(escapedString);\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\escape-string-regexp", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Convert a camelized string into a lowercased one with a custom separator: unicornRainbow → unicorn_rainbow", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "dcc93727be209632e98b02718ef4cb79602322f2", + "tarball": "http://registry.npmjs.org/decamelize/-/decamelize-1.1.2.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "82c87d3382126375ab0c3b7f5438bfd5eccb18c3", + "homepage": "https://github.com/sindresorhus/decamelize", + "keywords": [ + "decamelize", + "decamelcase", + "camelcase", + "lowercase", + "case", + "dash", + "hyphen", + "string", + "str", + "text", + "convert" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "decamelize", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/decamelize.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.2", + "readme": "# decamelize [![Build Status](https://travis-ci.org/sindresorhus/decamelize.svg?branch=master)](https://travis-ci.org/sindresorhus/decamelize)\n\n> Convert a camelized string into a lowercased one with a custom separator \n> Example: `unicornRainbow` → `unicorn_rainbow`\n\n\n## Install\n\n```\n$ npm install --save decamelize\n```\n\n\n## Usage\n\n```js\nconst decamelize = require('decamelize');\n\ndecamelize('unicornRainbow');\n//=> 'unicorn_rainbow'\n\ndecamelize('unicornRainbow', '-');\n//=> 'unicorn-rainbow'\n```\n\n\n## API\n\n### decamelize(input, [separator])\n\n#### input\n\nType: `string`\n\n#### separator\n\nType: `string` \nDefault: `_`\n\n\n## Related\n\nSee [`camelcase`](https://github.com/sindresorhus/camelcase) for the inverse.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "escape-string-regexp": "^1.0.4" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\decamelize", + "error": "[Circular]", + "extraneous": false + }, + "os-locale": { + "_args": [ + [ + "os-locale@^1.4.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "os-locale@1.4.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "os-locale@>=1.4.0 <2.0.0", + "_id": "os-locale@1.4.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/os-locale", + "_nodeVersion": "3.0.0", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.13.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "os-locale@1.4.0", + "name": "os-locale", + "escapedName": "os-locale", + "rawSpec": "1.4.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.4.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/os-locale/-/os-locale-1.4.0.tgz", + "_shasum": "20f9f17ae29ed345e8bde583b13d2009803c14d9", + "_shrinkwrap": "[Circular]", + "_spec": "1.4.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/os-locale/issues" + }, + "dependencies": { + "lcid": { + "_args": [ + [ + "lcid@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/os-locale" + ], + [ + "lcid@1.0.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "lcid@>=1.0.0 <2.0.0", + "_id": "lcid@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/lcid", + "_nodeVersion": "0.12.0", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.5.1", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "lcid@1.0.0", + "name": "lcid", + "escapedName": "lcid", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/os-locale" + ], + "_resolved": "https://registry.npmjs.org/lcid/-/lcid-1.0.0.tgz", + "_shasum": "308accafa0bc483a3867b4b6f2b9506251d1b835", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/lcid/issues" + }, + "dependencies": { + "invert-kv": { + "_args": [ + [ + "invert-kv@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/lcid" + ], + [ + "invert-kv@1.0.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "invert-kv@>=1.0.0 <2.0.0", + "_id": "invert-kv@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/invert-kv", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "1.4.21", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "invert-kv@1.0.0", + "name": "invert-kv", + "escapedName": "invert-kv", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/lcid" + ], + "_resolved": "https://registry.npmjs.org/invert-kv/-/invert-kv-1.0.0.tgz", + "_shasum": "104a8e4aaca6d3d8cd157a8ef8bfab2d7a3ffdb6", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "http://sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/invert-kv/issues" + }, + "dependencies": {}, + "description": "Invert the key/value of an object. Example: {foo: 'bar'} → {bar: 'foo'}", + "devDependencies": { + "mocha": "*" + }, + "directories": {}, + "dist": { + "shasum": "104a8e4aaca6d3d8cd157a8ef8bfab2d7a3ffdb6", + "tarball": "http://registry.npmjs.org/invert-kv/-/invert-kv-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "c28c3a15abcde3f67bd90f90f8ffe54a5f8cb04e", + "homepage": "https://github.com/sindresorhus/invert-kv", + "keywords": [ + "object", + "obj", + "key", + "value", + "val", + "kv", + "invert" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "invert-kv", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/invert-kv.git" + }, + "scripts": { + "test": "mocha" + }, + "version": "1.0.0", + "readme": "# invert-kv [![Build Status](https://travis-ci.org/sindresorhus/invert-kv.svg?branch=master)](https://travis-ci.org/sindresorhus/invert-kv)\n\n> Invert the key/value of an object. Example: `{foo: 'bar'}` → `{bar: 'foo'}`\n\n\n## Install\n\n```sh\n$ npm install --save invert-kv\n```\n\n\n## Usage\n\n```js\nvar invertKv = require('invert-kv');\n\ninvertKv({foo: 'bar', unicorn: 'rainbow'});\n//=> {bar: 'foo', rainbow: 'unicorn'}\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\invert-kv", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Mapping between standard locale identifiers and Windows locale identifiers (LCID)", + "devDependencies": { + "ava": "0.0.4" + }, + "directories": {}, + "dist": { + "shasum": "308accafa0bc483a3867b4b6f2b9506251d1b835", + "tarball": "http://registry.npmjs.org/lcid/-/lcid-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js", + "lcid.json" + ], + "gitHead": "96bb3e617f77f5f8ceb78653c77de5a85abb3b1e", + "homepage": "https://github.com/sindresorhus/lcid", + "keywords": [ + "lcid", + "locale", + "string", + "str", + "id", + "identifier", + "windows", + "language", + "lang", + "map", + "mapping", + "convert", + "json", + "bcp47", + "ietf", + "tag" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "lcid", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/lcid.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.0", + "readme": "# lcid [![Build Status](https://travis-ci.org/sindresorhus/lcid.svg?branch=master)](https://travis-ci.org/sindresorhus/lcid)\n\n> Mapping between [standard locale identifiers](http://en.wikipedia.org/wiki/Locale) and [Windows locale identifiers (LCID)](http://en.wikipedia.org/wiki/Locale#Specifics_for_Microsoft_platforms)\n\nBased on the [mapping](https://github.com/python/cpython/blob/be2a1a76fa43bb1ea1b3577bb5bdd506a2e90e37/Lib/locale.py#L1395-L1604) used in the Python standard library.\n\nThe mapping itself is just a [JSON file](lcid.json) and can be used wherever.\n\n\n## Install\n\n```\n$ npm install --save lcid\n```\n\n\n## Usage\n\n```js\nvar lcid = require('lcid');\n\nlcid.from(1044);\n//=> 'nb_NO'\n\nlcid.to('nb_NO');\n//=> 1044\n\nlcid.all;\n//=> {'af_ZA': 1078, ...}\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "invert-kv": "^1.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lcid", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Get the system locale", + "devDependencies": { + "ava": "*", + "require-uncached": "^1.0.2", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "20f9f17ae29ed345e8bde583b13d2009803c14d9", + "tarball": "http://registry.npmjs.org/os-locale/-/os-locale-1.4.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "b5c88233910b2e959fe84d841addb7a15e1cc813", + "homepage": "https://github.com/sindresorhus/os-locale", + "keywords": [ + "locale", + "lang", + "language", + "system", + "os", + "string", + "str", + "user", + "country", + "id", + "identifier", + "region" + ], + "license": "MIT", + "maintainers": [ + { + "name": "abg", + "email": "andrewbgoode@gmail.com" + }, + { + "name": "bcoe", + "email": "ben@npmjs.com" + }, + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "os-locale", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/os-locale.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.4.0", + "readme": "# os-locale [![Build Status](https://travis-ci.org/sindresorhus/os-locale.svg?branch=master)](https://travis-ci.org/sindresorhus/os-locale)\n\n> Get the system [locale](http://en.wikipedia.org/wiki/Locale)\n\nUseful for localizing your module or app.\n\nPOSIX systems: The returned locale refers to the [`LC_MESSAGE`](http://www.gnu.org/software/libc/manual/html_node/Locale-Categories.html#Locale-Categories) category, suitable for selecting the language used in the user interface for message translation.\n\n\n## Install\n\n```\n$ npm install --save os-locale\n```\n\n\n## Usage\n\n```js\nvar osLocale = require('os-locale');\n\nosLocale(function (err, locale) {\n\tconsole.log(locale);\n\t//=> 'en_US'\n});\n```\n\n\n## API\n\n### osLocale([options], callback(error, locale))\n\n### osLocale.sync([options])\n\nReturns the locale.\n\n#### options.spawn\n\nType: `boolean` \nDefault: `true`\n\nSet to `false` to avoid spawning subprocesses and instead only resolve the locale from environment variables.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "lcid": "^1.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\os-locale", + "error": "[Circular]", + "extraneous": false + }, + "pkg-conf": { + "_args": [ + [ + "pkg-conf@^1.1.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "pkg-conf@1.1.1", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "pkg-conf@>=1.1.1 <2.0.0", + "_id": "pkg-conf@1.1.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pkg-conf", + "_nodeVersion": "4.2.4", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "3.6.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "pkg-conf@1.1.1", + "name": "pkg-conf", + "escapedName": "pkg-conf", + "rawSpec": "1.1.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.1" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/pkg-conf/-/pkg-conf-1.1.1.tgz", + "_shasum": "a3caee3fb9c23ab4abad3baaea02f0001c75f200", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.1", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/pkg-conf/issues" + }, + "dependencies": { + "find-up": { + "_args": [ + [ + "find-up@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/pkg-conf" + ], + [ + "find-up@1.1.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "find-up@>=1.0.0 <2.0.0", + "_id": "find-up@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/find-up", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "find-up@1.1.0", + "name": "find-up", + "escapedName": "find-up", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/pkg-conf", + "/bundle-dependencies/read-pkg-up" + ], + "_resolved": "https://registry.npmjs.org/find-up/-/find-up-1.1.0.tgz", + "_shasum": "a63b0eec4625a2902534898a5f9eec8aaed046e9", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/find-up/issues" + }, + "dependencies": { + "path-exists": { + "_args": [ + [ + "path-exists@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/find-up" + ], + [ + "path-exists@2.1.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "path-exists@>=2.0.0 <3.0.0", + "_id": "path-exists@2.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/path-exists", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "path-exists@2.1.0", + "name": "path-exists", + "escapedName": "path-exists", + "rawSpec": "2.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/find-up" + ], + "_resolved": "https://registry.npmjs.org/path-exists/-/path-exists-2.1.0.tgz", + "_shasum": "0feb6c64f0fc518d9a754dd5efb62c7022761f4b", + "_shrinkwrap": "[Circular]", + "_spec": "2.1.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/path-exists/issues" + }, + "dependencies": { + "pinkie-promise": { + "_args": [ + [ + "pinkie-promise@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/find-up" + ], + [ + "pinkie-promise@2.0.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "pinkie-promise@>=2.0.0 <3.0.0", + "_id": "pinkie-promise@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pinkie-promise", + "_nodeVersion": "4.2.0", + "_npmUser": { + "email": "floatdrop@gmail.com", + "name": "floatdrop" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "pinkie-promise@2.0.0", + "name": "pinkie-promise", + "escapedName": "pinkie-promise", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/find-up", + "/bundle-dependencies/load-json-file", + "/bundle-dependencies/path-exists", + "/bundle-dependencies/path-type" + ], + "_resolved": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "_shasum": "4c83538de1f6e660c29e0a13446844f7a7e88259", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Vsevolod Strukchinsky", + "email": "floatdrop@gmail.com", + "url": "github.com/floatdrop" + }, + "bugs": { + "url": "https://github.com/floatdrop/pinkie-promise/issues" + }, + "dependencies": {}, + "description": "ES2015 Promise ponyfill", + "devDependencies": { + "mocha": "*" + }, + "directories": {}, + "dist": { + "shasum": "4c83538de1f6e660c29e0a13446844f7a7e88259", + "tarball": "http://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "f90fcae9838bcae7ae1ae4ebc9b29f11e5db4980", + "homepage": "https://github.com/floatdrop/pinkie-promise", + "keywords": [ + "promise", + "promises", + "es2015", + "es6", + "polyfill", + "ponyfill" + ], + "license": "MIT", + "maintainers": [ + { + "name": "floatdrop", + "email": "floatdrop@gmail.com" + } + ], + "name": "pinkie-promise", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/floatdrop/pinkie-promise.git" + }, + "scripts": { + "test": "mocha" + }, + "version": "2.0.0", + "readme": "# pinkie-promise [![Build Status](https://travis-ci.org/floatdrop/pinkie-promise.svg?branch=master)](https://travis-ci.org/floatdrop/pinkie-promise)\n\n> [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) ponyfill\n\nModule exports global Promise object (if available) or [`pinkie`](http://github.com/floatdrop/pinkie) Promise polyfill.\n\n## Install\n\n```\n$ npm install --save pinkie-promise\n```\n\n## Usage\n\n```js\nvar Promise = require('pinkie-promise');\n\nnew Promise(function (resolve) { resolve('unicorns'); });\n//=> Promise { 'unicorns' }\n```\n\n## Related\n\n- [pify](https://github.com/sindresorhus/pify) - Promisify a callback-style function\n\n## License\n\nMIT © [Vsevolod Strukchinsky](http://github.com/floatdrop)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "error": "[Circular]", + "extraneous": false, + "_deduped": "node_modules\\bundle-dependencies\\node_modules\\pinkie-promise" + } + }, + "description": "Check if a path exists", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "0feb6c64f0fc518d9a754dd5efb62c7022761f4b", + "tarball": "http://registry.npmjs.org/path-exists/-/path-exists-2.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "3af423661e78466764f87c5712263c5d7a1ce5b7", + "homepage": "https://github.com/sindresorhus/path-exists", + "keywords": [ + "path", + "exists", + "exist", + "file", + "filepath", + "fs", + "filesystem", + "file-system", + "access", + "stat" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "path-exists", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/path-exists.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "2.1.0", + "readme": "# path-exists [![Build Status](https://travis-ci.org/sindresorhus/path-exists.svg?branch=master)](https://travis-ci.org/sindresorhus/path-exists)\n\n> Check if a path exists\n\nBecause [`fs.exists()`](https://nodejs.org/api/fs.html#fs_fs_exists_path_callback) is being [deprecated](https://github.com/iojs/io.js/issues/103), but there's still a genuine use-case of being able to check if a path exists for other purposes than doing IO with it.\n\nNever use this before handling a file though:\n\n> In particular, checking if a file exists before opening it is an anti-pattern that leaves you vulnerable to race conditions: another process may remove the file between the calls to `fs.exists()` and `fs.open()`. Just open the file and handle the error when it's not there.\n\n\n## Install\n\n```\n$ npm install --save path-exists\n```\n\n\n## Usage\n\n```js\n// foo.js\nvar pathExists = require('path-exists');\n\npathExists('foo.js').then(function (exists) {\n\tconsole.log(exists);\n\t//=> true\n});\n```\n\n\n## API\n\n### pathExists(path)\n\nReturns a promise that resolves to a boolean of whether the path exists.\n\n### pathExists.sync(path)\n\nReturns a boolean of whether the path exists.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "pinkie-promise": "^2.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\path-exists", + "error": "[Circular]", + "extraneous": false + }, + "pinkie-promise": { + "_args": "[Circular]", + "_from": "pinkie-promise@>=2.0.0 <3.0.0", + "_id": "pinkie-promise@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pinkie-promise", + "_nodeVersion": "4.2.0", + "_npmUser": "[Circular]", + "_npmVersion": "2.14.7", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "pinkie-promise@2.0.0", + "name": "pinkie-promise", + "escapedName": "pinkie-promise", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "_shasum": "4c83538de1f6e660c29e0a13446844f7a7e88259", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": { + "pinkie": { + "_args": [ + [ + "pinkie@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/pinkie-promise" + ], + [ + "pinkie@2.0.4", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "pinkie@>=2.0.0 <3.0.0", + "_id": "pinkie@2.0.4", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pinkie", + "_nodeVersion": "4.2.4", + "_npmUser": { + "email": "floatdrop@gmail.com", + "name": "floatdrop" + }, + "_npmVersion": "2.14.12", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "pinkie@2.0.4", + "name": "pinkie", + "escapedName": "pinkie", + "rawSpec": "2.0.4", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.4" + }, + "_requiredBy": [ + "/bundle-dependencies/pinkie-promise" + ], + "_resolved": "https://registry.npmjs.org/pinkie/-/pinkie-2.0.4.tgz", + "_shasum": "72556b80cfa0d48a974e80e77248e80ed4f7f870", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.4", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Vsevolod Strukchinsky", + "email": "floatdrop@gmail.com", + "url": "github.com/floatdrop" + }, + "bugs": { + "url": "https://github.com/floatdrop/pinkie/issues" + }, + "dependencies": {}, + "description": "Itty bitty little widdle twinkie pinkie ES2015 Promise implementation", + "devDependencies": { + "core-assert": "^0.1.1", + "coveralls": "^2.11.4", + "mocha": "*", + "nyc": "^3.2.2", + "promises-aplus-tests": "*", + "xo": "^0.10.1" + }, + "directories": {}, + "dist": { + "shasum": "72556b80cfa0d48a974e80e77248e80ed4f7f870", + "tarball": "http://registry.npmjs.org/pinkie/-/pinkie-2.0.4.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "8d4a92447a5c62bff9f89756caeb4c9c8770579b", + "homepage": "https://github.com/floatdrop/pinkie", + "keywords": [ + "promise", + "promises", + "es2015", + "es6" + ], + "license": "MIT", + "maintainers": [ + { + "name": "floatdrop", + "email": "floatdrop@gmail.com" + } + ], + "name": "pinkie", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/floatdrop/pinkie.git" + }, + "scripts": { + "coverage": "nyc report --reporter=text-lcov | coveralls", + "test": "xo && nyc mocha" + }, + "version": "2.0.4", + "readme": "

\n\t
\n\t\"pinkie\"\n\t
\n\t
\n

\n\n> Itty bitty little widdle twinkie pinkie [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) implementation\n\n[![Build Status](https://travis-ci.org/floatdrop/pinkie.svg?branch=master)](https://travis-ci.org/floatdrop/pinkie) [![Coverage Status](https://coveralls.io/repos/floatdrop/pinkie/badge.svg?branch=master&service=github)](https://coveralls.io/github/floatdrop/pinkie?branch=master)\n\nThere are [tons of Promise implementations](https://github.com/promises-aplus/promises-spec/blob/master/implementations.md#standalone) out there, but all of them focus on browser compatibility and are often bloated with functionality.\n\nThis module is an exact Promise specification polyfill (like [native-promise-only](https://github.com/getify/native-promise-only)), but in Node.js land (it should be browserify-able though).\n\n\n## Install\n\n```\n$ npm install --save pinkie\n```\n\n\n## Usage\n\n```js\nvar fs = require('fs');\nvar Promise = require('pinkie');\n\nnew Promise(function (resolve, reject) {\n\tfs.readFile('foo.json', 'utf8', function (err, data) {\n\t\tif (err) {\n\t\t\treject(err);\n\t\t\treturn;\n\t\t}\n\n\t\tresolve(data);\n\t});\n});\n//=> Promise\n```\n\n\n### API\n\n`pinkie` exports bare [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) implementation and polyfills [Node.js rejection events](https://nodejs.org/api/process.html#process_event_unhandledrejection). In case you forgot:\n\n#### new Promise(executor)\n\nReturns new instance of `Promise`.\n\n##### executor\n\n*Required* \nType: `function`\n\nFunction with two arguments `resolve` and `reject`. The first argument fulfills the promise, the second argument rejects it.\n\n#### pinkie.all(promises)\n\nReturns a promise that resolves when all of the promises in the `promises` Array argument have resolved.\n\n#### pinkie.race(promises)\n\nReturns a promise that resolves or rejects as soon as one of the promises in the `promises` Array resolves or rejects, with the value or reason from that promise.\n\n#### pinkie.reject(reason)\n\nReturns a Promise object that is rejected with the given `reason`.\n\n#### pinkie.resolve(value)\n\nReturns a Promise object that is resolved with the given `value`. If the `value` is a thenable (i.e. has a then method), the returned promise will \"follow\" that thenable, adopting its eventual state; otherwise the returned promise will be fulfilled with the `value`.\n\n\n## Related\n\n- [pinkie-promise](https://github.com/floatdrop/pinkie-promise) - Returns the native Promise or this module\n\n\n## License\n\nMIT © [Vsevolod Strukchinsky](http://github.com/floatdrop)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "ES2015 Promise ponyfill", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "f90fcae9838bcae7ae1ae4ebc9b29f11e5db4980", + "homepage": "https://github.com/floatdrop/pinkie-promise", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "pinkie-promise", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "2.0.0", + "readme": "# pinkie-promise [![Build Status](https://travis-ci.org/floatdrop/pinkie-promise.svg?branch=master)](https://travis-ci.org/floatdrop/pinkie-promise)\n\n> [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) ponyfill\n\nModule exports global Promise object (if available) or [`pinkie`](http://github.com/floatdrop/pinkie) Promise polyfill.\n\n## Install\n\n```\n$ npm install --save pinkie-promise\n```\n\n## Usage\n\n```js\nvar Promise = require('pinkie-promise');\n\nnew Promise(function (resolve) { resolve('unicorns'); });\n//=> Promise { 'unicorns' }\n```\n\n## Related\n\n- [pify](https://github.com/sindresorhus/pify) - Promisify a callback-style function\n\n## License\n\nMIT © [Vsevolod Strukchinsky](http://github.com/floatdrop)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Find a file by walking up parent directories", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "a63b0eec4625a2902534898a5f9eec8aaed046e9", + "tarball": "http://registry.npmjs.org/find-up/-/find-up-1.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "06e9dae73659ddf2421440ca4695161c38d7d2fb", + "homepage": "https://github.com/sindresorhus/find-up", + "keywords": [ + "find", + "up", + "find-up", + "findup", + "look-up", + "look", + "file", + "search", + "match", + "package", + "resolve", + "parent", + "parents", + "folder", + "directory", + "dir", + "walk", + "walking", + "path" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "find-up", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/find-up.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.0", + "readme": "# find-up [![Build Status](https://travis-ci.org/sindresorhus/find-up.svg?branch=master)](https://travis-ci.org/sindresorhus/find-up)\n\n> Find a file by walking up parent directories\n\n\n## Install\n\n```\n$ npm install --save find-up\n```\n\n\n## Usage\n\n```\n/\n└── Users\n └── sindresorhus\n ├── unicorn.png\n └── foo\n └── bar\n ├── baz\n └── example.js\n```\n\n```js\n// example.js\nvar findUp = require('find-up');\n\nfindUp('unicorn.png').then(function (filepath) {\n\tconsole.log(filepath);\n\t//=> '/Users/sindresorhus/unicorn.png'\n});\n```\n\n\n## API\n\n### findUp(filename, [options])\n\nReturns a promise that resolves to a filepath or `null`.\n\n### findUp.sync(filename, [options])\n\nReturns a filepath or `null`.\n\n#### filename\n\nType: `string`\n\nFilename of the file to find.\n\n#### options\n\n##### cwd\n\nType: `string` \nDefault: `process.cwd()`\n\nDirectory to start from.\n\n\n## Related\n\n- [find-up-cli](https://github.com/sindresorhus/find-up-cli) - CLI for this module\n- [pkg-up](https://github.com/sindresorhus/pkg-up) - Find the closest package.json file\n- [pkg-dir](https://github.com/sindresorhus/pkg-dir) - Find the root directory of a npm package\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\find-up", + "error": "[Circular]", + "extraneous": false + }, + "object-assign": { + "_args": [ + [ + "object-assign@^4.0.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/pkg-conf" + ], + [ + "object-assign@4.0.1", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "object-assign@>=4.0.1 <5.0.0", + "_id": "object-assign@4.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/object-assign", + "_nodeVersion": "3.0.0", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.13.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "object-assign@4.0.1", + "name": "object-assign", + "escapedName": "object-assign", + "rawSpec": "4.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "4.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/pkg-conf" + ], + "_resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.0.1.tgz", + "_shasum": "99504456c3598b5cad4fc59c26e8a9bb107fe0bd", + "_shrinkwrap": "[Circular]", + "_spec": "4.0.1", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "http://sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/object-assign/issues" + }, + "dependencies": {}, + "description": "ES6 Object.assign() ponyfill", + "devDependencies": { + "lodash": "^3.10.1", + "matcha": "^0.6.0", + "mocha": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "99504456c3598b5cad4fc59c26e8a9bb107fe0bd", + "tarball": "http://registry.npmjs.org/object-assign/-/object-assign-4.0.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "b0c40d37cbc43e89ad3326a9bad4c6b3133ba6d3", + "homepage": "https://github.com/sindresorhus/object-assign#readme", + "keywords": [ + "object", + "assign", + "extend", + "properties", + "es6", + "ecmascript", + "harmony", + "ponyfill", + "prollyfill", + "polyfill", + "shim", + "browser" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "object-assign", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/object-assign.git" + }, + "scripts": { + "bench": "matcha bench.js", + "test": "xo && mocha" + }, + "version": "4.0.1", + "xo": { + "envs": [ + "node", + "mocha" + ] + }, + "readme": "# object-assign [![Build Status](https://travis-ci.org/sindresorhus/object-assign.svg?branch=master)](https://travis-ci.org/sindresorhus/object-assign)\n\n> ES6 [`Object.assign()`](http://www.2ality.com/2014/01/object-assign.html) ponyfill\n\n> Ponyfill: A polyfill that doesn't overwrite the native method\n\n\n## Install\n\n```sh\n$ npm install --save object-assign\n```\n\n\n## Usage\n\n```js\nvar objectAssign = require('object-assign');\n\nobjectAssign({foo: 0}, {bar: 1});\n//=> {foo: 0, bar: 1}\n\n// multiple sources\nobjectAssign({foo: 0}, {bar: 1}, {baz: 2});\n//=> {foo: 0, bar: 1, baz: 2}\n\n// overwrites equal keys\nobjectAssign({foo: 0}, {foo: 1}, {foo: 2});\n//=> {foo: 2}\n\n// ignores null and undefined sources\nobjectAssign({foo: 0}, null, {bar: 1}, undefined);\n//=> {foo: 0, bar: 1}\n```\n\n\n## API\n\n### objectAssign(target, source, [source, ...])\n\nAssigns enumerable own properties of `source` objects to the `target` object and returns the `target` object. Additional `source` objects will overwrite previous ones.\n\n\n## Resources\n\n- [ES6 spec - Object.assign](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-object.assign)\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\object-assign", + "error": "[Circular]", + "extraneous": false + }, + "read-pkg": { + "_args": [ + [ + "read-pkg@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/pkg-conf" + ], + [ + "read-pkg@1.1.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "read-pkg@>=1.0.0 <2.0.0", + "_id": "read-pkg@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/read-pkg", + "_nodeVersion": "3.0.0", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.13.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "read-pkg@1.1.0", + "name": "read-pkg", + "escapedName": "read-pkg", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/pkg-conf", + "/bundle-dependencies/read-pkg-up" + ], + "_resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz", + "_shasum": "f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/read-pkg/issues" + }, + "dependencies": { + "load-json-file": { + "_args": [ + [ + "load-json-file@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/read-pkg" + ], + [ + "load-json-file@1.1.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "load-json-file@>=1.0.0 <2.0.0", + "_id": "load-json-file@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/load-json-file", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "load-json-file@1.1.0", + "name": "load-json-file", + "escapedName": "load-json-file", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/read-pkg" + ], + "_resolved": "https://registry.npmjs.org/load-json-file/-/load-json-file-1.1.0.tgz", + "_shasum": "956905708d58b4bab4c2261b04f59f31c99374c0", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/load-json-file/issues" + }, + "dependencies": { + "graceful-fs": { + "_args": [ + [ + "graceful-fs@^4.1.2", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/load-json-file" + ], + [ + "graceful-fs@4.1.3", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "graceful-fs@>=4.1.2 <5.0.0", + "_id": "graceful-fs@4.1.3", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/graceful-fs", + "_nodeVersion": "4.0.0", + "_npmOperationalInternal": { + "host": "packages-6-west.internal.npmjs.com", + "tmp": "tmp/graceful-fs-4.1.3.tgz_1454449326495_0.943017533281818" + }, + "_npmUser": { + "email": "i@izs.me", + "name": "isaacs" + }, + "_npmVersion": "3.7.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "graceful-fs@4.1.3", + "name": "graceful-fs", + "escapedName": "graceful-fs", + "rawSpec": "4.1.3", + "saveSpec": "[Circular]", + "fetchSpec": "4.1.3" + }, + "_requiredBy": [ + "/bundle-dependencies/load-json-file", + "/bundle-dependencies/path-type" + ], + "_resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.3.tgz", + "_shasum": "92033ce11113c41e2628d61fdfa40bc10dc0155c", + "_shrinkwrap": "[Circular]", + "_spec": "4.1.3", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "bugs": { + "url": "https://github.com/isaacs/node-graceful-fs/issues" + }, + "dependencies": {}, + "description": "A drop-in replacement for fs, making various improvements.", + "devDependencies": { + "mkdirp": "^0.5.0", + "rimraf": "^2.2.8", + "tap": "^5.4.2" + }, + "directories": { + "test": "test" + }, + "dist": { + "shasum": "92033ce11113c41e2628d61fdfa40bc10dc0155c", + "tarball": "http://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.3.tgz" + }, + "engines": { + "node": ">=0.4.0" + }, + "files": [ + "fs.js", + "graceful-fs.js", + "legacy-streams.js", + "polyfills.js" + ], + "gitHead": "694c56f3aed4aee62d6df169be123d3984f61b85", + "homepage": "https://github.com/isaacs/node-graceful-fs#readme", + "keywords": [ + "fs", + "module", + "reading", + "retry", + "retries", + "queue", + "error", + "errors", + "handling", + "EMFILE", + "EAGAIN", + "EINVAL", + "EPERM", + "EACCESS" + ], + "license": "ISC", + "main": "graceful-fs.js", + "maintainers": [ + { + "name": "isaacs", + "email": "i@izs.me" + } + ], + "name": "graceful-fs", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/isaacs/node-graceful-fs.git" + }, + "scripts": { + "test": "node test.js | tap -" + }, + "version": "4.1.3", + "readme": "# graceful-fs\n\ngraceful-fs functions as a drop-in replacement for the fs module,\nmaking various improvements.\n\nThe improvements are meant to normalize behavior across different\nplatforms and environments, and to make filesystem access more\nresilient to errors.\n\n## Improvements over [fs module](http://api.nodejs.org/fs.html)\n\ngraceful-fs:\n\n* Queues up `open` and `readdir` calls, and retries them once\n something closes if there is an EMFILE error from too many file\n descriptors.\n* fixes `lchmod` for Node versions prior to 0.6.2.\n* implements `fs.lutimes` if possible. Otherwise it becomes a noop.\n* ignores `EINVAL` and `EPERM` errors in `chown`, `fchown` or\n `lchown` if the user isn't root.\n* makes `lchmod` and `lchown` become noops, if not available.\n* retries reading a file if `read` results in EAGAIN error.\n\nOn Windows, it retries renaming a file for up to one second if `EACCESS`\nor `EPERM` error occurs, likely because antivirus software has locked\nthe directory.\n\n## USAGE\n\n```javascript\n// use just like fs\nvar fs = require('graceful-fs')\n\n// now go and do stuff with it...\nfs.readFileSync('some-file-or-whatever')\n```\n\n## Global Patching\n\nIf you want to patch the global fs module (or any other fs-like\nmodule) you can do this:\n\n```javascript\n// Make sure to read the caveat below.\nvar realFs = require('fs')\nvar gracefulFs = require('graceful-fs')\ngracefulFs.gracefulify(realFs)\n```\n\nThis should only ever be done at the top-level application layer, in\norder to delay on EMFILE errors from any fs-using dependencies. You\nshould **not** do this in a library, because it can cause unexpected\ndelays in other parts of the program.\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\graceful-fs", + "error": "[Circular]", + "extraneous": false + }, + "parse-json": { + "_args": [ + [ + "parse-json@^2.2.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/load-json-file" + ], + [ + "parse-json@2.2.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "parse-json@>=2.2.0 <3.0.0", + "_id": "parse-json@2.2.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/parse-json", + "_nodeVersion": "0.12.7", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "parse-json@2.2.0", + "name": "parse-json", + "escapedName": "parse-json", + "rawSpec": "2.2.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.2.0" + }, + "_requiredBy": [ + "/bundle-dependencies/load-json-file" + ], + "_resolved": "https://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz", + "_shasum": "f480f40434ef80741f8469099f8dea18f55a4dc9", + "_shrinkwrap": "[Circular]", + "_spec": "2.2.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/parse-json/issues" + }, + "dependencies": { + "error-ex": { + "_args": [ + [ + "error-ex@^1.2.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/parse-json" + ], + [ + "error-ex@1.3.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "error-ex@>=1.2.0 <2.0.0", + "_id": "error-ex@1.3.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/error-ex", + "_nodeVersion": "4.1.1", + "_npmUser": { + "email": "i.am.qix@gmail.com", + "name": "qix" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "error-ex@1.3.0", + "name": "error-ex", + "escapedName": "error-ex", + "rawSpec": "1.3.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.3.0" + }, + "_requiredBy": [ + "/bundle-dependencies/parse-json" + ], + "_resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.0.tgz", + "_shasum": "e67b43f3e82c96ea3a584ffee0b9fc3325d802d9", + "_shrinkwrap": "[Circular]", + "_spec": "1.3.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "bugs": { + "url": "https://github.com/qix-/node-error-ex/issues" + }, + "dependencies": { + "is-arrayish": { + "_args": [ + [ + "is-arrayish@^0.2.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/error-ex" + ], + [ + "is-arrayish@0.2.1", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "is-arrayish@>=0.2.1 <0.3.0", + "_id": "is-arrayish@0.2.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/is-arrayish", + "_nodeVersion": "0.12.7", + "_npmUser": { + "email": "i.am.qix@gmail.com", + "name": "qix" + }, + "_npmVersion": "3.2.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "is-arrayish@0.2.1", + "name": "is-arrayish", + "escapedName": "is-arrayish", + "rawSpec": "0.2.1", + "saveSpec": "[Circular]", + "fetchSpec": "0.2.1" + }, + "_requiredBy": [ + "/bundle-dependencies/error-ex" + ], + "_resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "_shasum": "77c99840527aa8ecb1a8ba697b80645a7a926a9d", + "_shrinkwrap": "[Circular]", + "_spec": "0.2.1", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Qix", + "url": "http://github.com/qix-" + }, + "bugs": { + "url": "https://github.com/qix-/node-is-arrayish/issues" + }, + "dependencies": {}, + "description": "Determines if an object can be used as an array", + "devDependencies": { + "coffee-script": "^1.9.3", + "coveralls": "^2.11.2", + "istanbul": "^0.3.17", + "mocha": "^2.2.5", + "should": "^7.0.1", + "xo": "^0.6.1" + }, + "directories": {}, + "dist": { + "shasum": "77c99840527aa8ecb1a8ba697b80645a7a926a9d", + "tarball": "http://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz" + }, + "gitHead": "53f22aa6ce557d7d31a3d1152a590a2df220df9d", + "homepage": "https://github.com/qix-/node-is-arrayish#readme", + "keywords": [ + "is", + "array", + "duck", + "type", + "arrayish", + "similar", + "proto", + "prototype", + "type" + ], + "license": "MIT", + "maintainers": [ + { + "name": "qix", + "email": "i.am.qix@gmail.com" + } + ], + "name": "is-arrayish", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/qix-/node-is-arrayish.git" + }, + "scripts": { + "pretest": "xo", + "test": "mocha --compilers coffee:coffee-script/register" + }, + "version": "0.2.1", + "readme": "# node-is-arrayish [![Travis-CI.org Build Status](https://img.shields.io/travis/Qix-/node-is-arrayish.svg?style=flat-square)](https://travis-ci.org/Qix-/node-is-arrayish) [![Coveralls.io Coverage Rating](https://img.shields.io/coveralls/Qix-/node-is-arrayish.svg?style=flat-square)](https://coveralls.io/r/Qix-/node-is-arrayish)\n> Determines if an object can be used like an Array\n\n## Example\n```javascript\nvar isArrayish = require('is-arrayish');\n\nisArrayish([]); // true\nisArrayish({__proto__: []}); // true\nisArrayish({}); // false\nisArrayish({length:10}); // false\n```\n\n## License\nLicensed under the [MIT License](http://opensource.org/licenses/MIT).\nYou can find a copy of it in [LICENSE](LICENSE).\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-arrayish", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Easy error subclassing and stack customization", + "devDependencies": { + "coffee-script": "^1.9.3", + "coveralls": "^2.11.2", + "istanbul": "^0.3.17", + "mocha": "^2.2.5", + "should": "^7.0.1", + "xo": "^0.7.1" + }, + "directories": {}, + "dist": { + "shasum": "e67b43f3e82c96ea3a584ffee0b9fc3325d802d9", + "tarball": "http://registry.npmjs.org/error-ex/-/error-ex-1.3.0.tgz" + }, + "files": [ + "index.js" + ], + "gitHead": "118bb63206f736f2450480e73f9d7d22692ae328", + "homepage": "https://github.com/qix-/node-error-ex#readme", + "keywords": [ + "error", + "errors", + "extend", + "extending", + "extension", + "subclass", + "stack", + "custom" + ], + "license": "MIT", + "maintainers": [ + { + "name": "qix", + "email": "i.am.qix@gmail.com" + }, + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "error-ex", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/qix-/node-error-ex.git" + }, + "scripts": { + "pretest": "xo", + "test": "mocha --compilers coffee:coffee-script/register" + }, + "version": "1.3.0", + "xo": { + "rules": { + "operator-linebreak": [ + 0 + ] + } + }, + "readme": "# node-error-ex [![Travis-CI.org Build Status](https://img.shields.io/travis/Qix-/node-error-ex.svg?style=flat-square)](https://travis-ci.org/Qix-/node-error-ex) [![Coveralls.io Coverage Rating](https://img.shields.io/coveralls/Qix-/node-error-ex.svg?style=flat-square)](https://coveralls.io/r/Qix-/node-error-ex)\n> Easily subclass and customize new Error types\n\n## Examples\nTo include in your project:\n```javascript\nvar errorEx = require('error-ex');\n```\n\nTo create an error message type with a specific name (note, that `ErrorFn.name`\nwill not reflect this):\n```javascript\nvar JSONError = errorEx('JSONError');\n\nvar err = new JSONError('error');\nerr.name; //-> JSONError\nthrow err; //-> JSONError: error\n```\n\nTo add a stack line:\n```javascript\nvar JSONError = errorEx('JSONError', {fileName: errorEx.line('in %s')});\n\nvar err = new JSONError('error')\nerr.fileName = '/a/b/c/foo.json';\nthrow err; //-> (line 2)-> in /a/b/c/foo.json\n```\n\nTo append to the error message:\n```javascript\nvar JSONError = errorEx('JSONError', {fileName: errorEx.append('in %s')});\n\nvar err = new JSONError('error');\nerr.fileName = '/a/b/c/foo.json';\nthrow err; //-> JSONError: error in /a/b/c/foo.json\n```\n\n## API\n\n#### `errorEx([name], [properties])`\nCreates a new ErrorEx error type\n\n- `name`: the name of the new type (appears in the error message upon throw;\n defaults to `Error.name`)\n- `properties`: if supplied, used as a key/value dictionary of properties to\n use when building up the stack message. Keys are property names that are\n looked up on the error message, and then passed to function values.\n\t- `line`: if specified and is a function, return value is added as a stack\n entry (error-ex will indent for you). Passed the property value given\n the key.\n - `stack`: if specified and is a function, passed the value of the property\n using the key, and the raw stack lines as a second argument. Takes no\n return value (but the stack can be modified directly).\n - `message`: if specified and is a function, return value is used as new\n `.message` value upon get. Passed the property value of the property named\n by key, and the existing message is passed as the second argument as an\n array of lines (suitable for multi-line messages).\n\nReturns a constructor (Function) that can be used just like the regular Error\nconstructor.\n\n```javascript\nvar errorEx = require('error-ex');\n\nvar BasicError = errorEx();\n\nvar NamedError = errorEx('NamedError');\n\n// --\n\nvar AdvancedError = errorEx('AdvancedError', {\n\tfoo: {\n\t\tline: function (value, stack) {\n\t\t\tif (value) {\n\t\t\t\treturn 'bar ' + value;\n\t\t\t}\n\t\t\treturn null;\n\t\t}\n\t}\n}\n\nvar err = new AdvancedError('hello, world');\nerr.foo = 'baz';\nthrow err;\n\n/*\n\tAdvancedError: hello, world\n\t bar baz\n\t at tryReadme() (readme.js:20:1)\n*/\n```\n\n#### `errorEx.line(str)`\nCreates a stack line using a delimiter\n\n> This is a helper function. It is to be used in lieu of writing a value object\n> for `properties` values.\n\n- `str`: The string to create\n - Use the delimiter `%s` to specify where in the string the value should go\n\n```javascript\nvar errorEx = require('error-ex');\n\nvar FileError = errorEx('FileError', {fileName: errorEx.line('in %s')});\n\nvar err = new FileError('problem reading file');\nerr.fileName = '/a/b/c/d/foo.js';\nthrow err;\n\n/*\n\tFileError: problem reading file\n\t in /a/b/c/d/foo.js\n\t at tryReadme() (readme.js:7:1)\n*/\n```\n\n#### `errorEx.append(str)`\nAppends to the `error.message` string\n\n> This is a helper function. It is to be used in lieu of writing a value object\n> for `properties` values.\n\n- `str`: The string to append\n - Use the delimiter `%s` to specify where in the string the value should go\n\n```javascript\nvar errorEx = require('error-ex');\n\nvar SyntaxError = errorEx('SyntaxError', {fileName: errorEx.append('in %s')});\n\nvar err = new SyntaxError('improper indentation');\nerr.fileName = '/a/b/c/d/foo.js';\nthrow err;\n\n/*\n\tSyntaxError: improper indentation in /a/b/c/d/foo.js\n\t at tryReadme() (readme.js:7:1)\n*/\n```\n\n## License\nLicensed under the [MIT License](http://opensource.org/licenses/MIT).\nYou can find a copy of it in [LICENSE](LICENSE).\n", + "readmeFilename": "README.md", + "_dependencies": { + "is-arrayish": "^0.2.1" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\error-ex", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Parse JSON with more helpful errors", + "devDependencies": { + "ava": "0.0.4", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "f480f40434ef80741f8469099f8dea18f55a4dc9", + "tarball": "http://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js", + "vendor" + ], + "gitHead": "419b0cbb83e67af53f9fd3f7ff98605ea2020eb6", + "homepage": "https://github.com/sindresorhus/parse-json", + "keywords": [ + "parse", + "json", + "graceful", + "error", + "message", + "humanize", + "friendly", + "helpful", + "string", + "str" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "parse-json", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/parse-json.git" + }, + "scripts": { + "test": "xo && node test.js" + }, + "version": "2.2.0", + "xo": { + "ignores": [ + "vendor/**" + ] + }, + "readme": "# parse-json [![Build Status](https://travis-ci.org/sindresorhus/parse-json.svg?branch=master)](https://travis-ci.org/sindresorhus/parse-json)\n\n> Parse JSON with more helpful errors\n\n\n## Install\n\n```\n$ npm install --save parse-json\n```\n\n\n## Usage\n\n```js\nvar parseJson = require('parse-json');\nvar json = '{\\n\\t\"foo\": true,\\n}';\n\n\nJSON.parse(json);\n/*\nundefined:3\n}\n^\nSyntaxError: Unexpected token }\n*/\n\n\nparseJson(json);\n/*\nJSONError: Trailing comma in object at 3:1\n}\n^\n*/\n\n\nparseJson(json, 'foo.json');\n/*\nJSONError: Trailing comma in object at 3:1 in foo.json\n}\n^\n*/\n\n\n// you can also add the filename at a later point\ntry {\n\tparseJson(json);\n} catch (err) {\n\terr.fileName = 'foo.json';\n\tthrow err;\n}\n/*\nJSONError: Trailing comma in object at 3:1 in foo.json\n}\n^\n*/\n```\n\n## API\n\n### parseJson(input, [reviver], [filename])\n\n#### input\n\nType: `string`\n\n#### reviver\n\nType: `function`\n\nPrescribes how the value originally produced by parsing is transformed, before being returned. See [`JSON.parse` docs](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse#Using_the_reviver_parameter\n) for more.\n\n#### filename\n\nType: `string`\n\nFilename displayed in the error message.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "error-ex": "^1.2.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\parse-json", + "error": "[Circular]", + "extraneous": false + }, + "pify": { + "_args": [ + [ + "pify@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/load-json-file" + ], + [ + "pify@2.3.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "pify@>=2.0.0 <3.0.0", + "_id": "pify@2.3.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pify", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "pify@2.3.0", + "name": "pify", + "escapedName": "pify", + "rawSpec": "2.3.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.3.0" + }, + "_requiredBy": [ + "/bundle-dependencies/load-json-file", + "/bundle-dependencies/path-type" + ], + "_resolved": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "_shasum": "ed141a6ac043a849ea588498e7dca8b15330e90c", + "_shrinkwrap": "[Circular]", + "_spec": "2.3.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/pify/issues" + }, + "dependencies": {}, + "description": "Promisify a callback-style function", + "devDependencies": { + "ava": "*", + "pinkie-promise": "^1.0.0", + "v8-natives": "0.0.2", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "ed141a6ac043a849ea588498e7dca8b15330e90c", + "tarball": "http://registry.npmjs.org/pify/-/pify-2.3.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "2dd0d8b880e4ebcc5cc33ae126b02647418e4440", + "homepage": "https://github.com/sindresorhus/pify", + "keywords": [ + "promise", + "promises", + "promisify", + "denodify", + "denodeify", + "callback", + "cb", + "node", + "then", + "thenify", + "convert", + "transform", + "wrap", + "wrapper", + "bind", + "to", + "async", + "es2015" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "pify", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/pify.git" + }, + "scripts": { + "optimization-test": "node --allow-natives-syntax optimization-test.js", + "test": "xo && ava && npm run optimization-test" + }, + "version": "2.3.0", + "readme": "# pify [![Build Status](https://travis-ci.org/sindresorhus/pify.svg?branch=master)](https://travis-ci.org/sindresorhus/pify)\n\n> Promisify a callback-style function\n\n\n## Install\n\n```\n$ npm install --save pify\n```\n\n\n## Usage\n\n```js\nconst fs = require('fs');\nconst pify = require('pify');\n\n// promisify a single function\n\npify(fs.readFile)('package.json', 'utf8').then(data => {\n\tconsole.log(JSON.parse(data).name);\n\t//=> 'pify'\n});\n\n// or promisify all methods in a module\n\npify(fs).readFile('package.json', 'utf8').then(data => {\n\tconsole.log(JSON.parse(data).name);\n\t//=> 'pify'\n});\n```\n\n\n## API\n\n### pify(input, [promiseModule], [options])\n\nReturns a promise wrapped version of the supplied function or module.\n\n#### input\n\nType: `function`, `object`\n\nCallback-style function or module whose methods you want to promisify.\n\n#### promiseModule\n\nType: `function`\n\nCustom promise module to use instead of the native one.\n\nCheck out [`pinkie-promise`](https://github.com/floatdrop/pinkie-promise) if you need a tiny promise polyfill.\n\n#### options\n\n##### multiArgs\n\nType: `boolean` \nDefault: `false`\n\nBy default, the promisified function will only return the second argument from the callback, which works fine for most APIs. This option can be useful for modules like `request` that return multiple arguments. Turning this on will make it return an array of all arguments from the callback, excluding the error argument, instead of just the second argument.\n\n```js\nconst request = require('request');\nconst pify = require('pify');\n\npify(request, {multiArgs: true})('https://sindresorhus.com').then(result => {\n\tconst [httpResponse, body] = result;\n});\n```\n\n##### include\n\nType: `array` of (`string`|`regex`)\n\nMethods in a module to promisify. Remaining methods will be left untouched.\n\n##### exclude\n\nType: `array` of (`string`|`regex`) \nDefault: `[/.+Sync$/]`\n\nMethods in a module **not** to promisify. Methods with names ending with `'Sync'` are excluded by default.\n\n##### excludeMain\n\nType: `boolean` \nDefault: `false`\n\nBy default, if given module is a function itself, this function will be promisified. Turn this option on if you want to promisify only methods of the module.\n\n```js\nconst pify = require('pify');\n\nfunction fn() {\n\treturn true;\n}\n\nfn.method = (data, callback) => {\n\tsetImmediate(() => {\n\t\tcallback(data, null);\n\t});\n};\n\n// promisify methods but not fn()\nconst promiseFn = pify(fn, {excludeMain: true});\n\nif (promiseFn()) {\n\tpromiseFn.method('hi').then(data => {\n\t\tconsole.log(data);\n\t});\n}\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pify", + "error": "[Circular]", + "extraneous": false + }, + "pinkie-promise": { + "_args": "[Circular]", + "_from": "pinkie-promise@>=2.0.0 <3.0.0", + "_id": "pinkie-promise@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pinkie-promise", + "_nodeVersion": "4.2.0", + "_npmUser": "[Circular]", + "_npmVersion": "2.14.7", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "pinkie-promise@2.0.0", + "name": "pinkie-promise", + "escapedName": "pinkie-promise", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "_shasum": "4c83538de1f6e660c29e0a13446844f7a7e88259", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "ES2015 Promise ponyfill", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "f90fcae9838bcae7ae1ae4ebc9b29f11e5db4980", + "homepage": "https://github.com/floatdrop/pinkie-promise", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "pinkie-promise", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "2.0.0", + "readme": "# pinkie-promise [![Build Status](https://travis-ci.org/floatdrop/pinkie-promise.svg?branch=master)](https://travis-ci.org/floatdrop/pinkie-promise)\n\n> [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) ponyfill\n\nModule exports global Promise object (if available) or [`pinkie`](http://github.com/floatdrop/pinkie) Promise polyfill.\n\n## Install\n\n```\n$ npm install --save pinkie-promise\n```\n\n## Usage\n\n```js\nvar Promise = require('pinkie-promise');\n\nnew Promise(function (resolve) { resolve('unicorns'); });\n//=> Promise { 'unicorns' }\n```\n\n## Related\n\n- [pify](https://github.com/sindresorhus/pify) - Promisify a callback-style function\n\n## License\n\nMIT © [Vsevolod Strukchinsky](http://github.com/floatdrop)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "error": "[Circular]", + "extraneous": false, + "_deduped": "node_modules\\bundle-dependencies\\node_modules\\pinkie-promise" + }, + "strip-bom": { + "_args": [ + [ + "strip-bom@^2.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/load-json-file" + ], + [ + "strip-bom@2.0.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "strip-bom@>=2.0.0 <3.0.0", + "_id": "strip-bom@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/strip-bom", + "_nodeVersion": "0.12.5", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "strip-bom@2.0.0", + "name": "strip-bom", + "escapedName": "strip-bom", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/load-json-file" + ], + "_resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-2.0.0.tgz", + "_shasum": "6219a85616520491f35788bdbf1447a99c7e6b0e", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/strip-bom/issues" + }, + "dependencies": { + "is-utf8": { + "_args": [ + [ + "is-utf8@^0.2.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/strip-bom" + ], + [ + "is-utf8@0.2.1", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "is-utf8@>=0.2.0 <0.3.0", + "_id": "is-utf8@0.2.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/is-utf8", + "_nodeVersion": "2.3.4", + "_npmUser": { + "email": "whyer1@gmail.com", + "name": "wayfind" + }, + "_npmVersion": "2.12.1", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "is-utf8@0.2.1", + "name": "is-utf8", + "escapedName": "is-utf8", + "rawSpec": "0.2.1", + "saveSpec": "[Circular]", + "fetchSpec": "0.2.1" + }, + "_requiredBy": [ + "/bundle-dependencies/strip-bom" + ], + "_resolved": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz", + "_shasum": "4b0da1442104d1b336340e80797e865cf39f7d72", + "_shrinkwrap": "[Circular]", + "_spec": "0.2.1", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "wayfind" + }, + "bugs": { + "url": "https://github.com/wayfind/is-utf8/issues" + }, + "dependencies": {}, + "description": "Detect if a buffer is utf8 encoded.", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "4b0da1442104d1b336340e80797e865cf39f7d72", + "tarball": "http://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz" + }, + "files": [ + "is-utf8.js" + ], + "gitHead": "709df7202f9c3f93cdc2463b352dd80d8de9ce0b", + "homepage": "https://github.com/wayfind/is-utf8#readme", + "keywords": [ + "utf8", + "charset" + ], + "license": "MIT", + "main": "is-utf8.js", + "maintainers": [ + { + "name": "wayfind", + "email": "whyer1@gmail.com" + } + ], + "name": "is-utf8", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/wayfind/is-utf8.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "0.2.1", + "readme": "#utf8 detector\n\nDetect if a Buffer is utf8 encoded. \nIt need The minimum amount of bytes is 4.\n\n\n```javascript\n var fs = require('fs');\n var isUtf8 = require('is-utf8');\n var ansi = fs.readFileSync('ansi.txt');\n var utf8 = fs.readFileSync('utf8.txt');\n \n console.log('ansi.txt is utf8: '+isUtf8(ansi)); //false\n console.log('utf8.txt is utf8: '+isUtf8(utf8)); //true\n```\n \n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-utf8", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Strip UTF-8 byte order mark (BOM) from a string/buffer", + "devDependencies": { + "mocha": "*" + }, + "directories": {}, + "dist": { + "shasum": "6219a85616520491f35788bdbf1447a99c7e6b0e", + "tarball": "http://registry.npmjs.org/strip-bom/-/strip-bom-2.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "851b9c126dba9561cc14ef3dc2634dcc11df4d11", + "homepage": "https://github.com/sindresorhus/strip-bom", + "keywords": [ + "bom", + "strip", + "byte", + "mark", + "unicode", + "utf8", + "utf-8", + "remove", + "delete", + "trim", + "text", + "buffer", + "string" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "strip-bom", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/strip-bom.git" + }, + "scripts": { + "test": "mocha" + }, + "version": "2.0.0", + "readme": "# strip-bom [![Build Status](https://travis-ci.org/sindresorhus/strip-bom.svg?branch=master)](https://travis-ci.org/sindresorhus/strip-bom)\n\n> Strip UTF-8 [byte order mark](http://en.wikipedia.org/wiki/Byte_order_mark#UTF-8) (BOM) from a string/buffer\n\nFrom Wikipedia:\n\n> The Unicode Standard permits the BOM in UTF-8, but does not require nor recommend its use. Byte order has no meaning in UTF-8.\n\n\n## Install\n\n```\n$ npm install --save strip-bom\n```\n\n\n## Usage\n\n```js\nvar fs = require('fs');\nvar stripBom = require('strip-bom');\n\nstripBom('\\uFEFFunicorn');\n//=> 'unicorn'\n\nstripBom(fs.readFileSync('unicorn.txt'));\n//=> 'unicorn'\n```\n\n\n## Related\n\n- [strip-bom-cli](https://github.com/sindresorhus/strip-bom-cli) - CLI for this module\n- [strip-bom-stream](https://github.com/sindresorhus/strip-bom-stream) - Stream version of this module\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "is-utf8": "^0.2.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\strip-bom", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Read and parse a JSON file", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "956905708d58b4bab4c2261b04f59f31c99374c0", + "tarball": "http://registry.npmjs.org/load-json-file/-/load-json-file-1.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "115157a417380d3160da418d4ff25bb33b0051eb", + "homepage": "https://github.com/sindresorhus/load-json-file", + "keywords": [ + "json", + "read", + "parse", + "file", + "fs", + "graceful", + "load" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "load-json-file", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/load-json-file.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.0", + "xo": { + "ignores": [ + "test.js" + ] + }, + "readme": "# load-json-file [![Build Status](https://travis-ci.org/sindresorhus/load-json-file.svg?branch=master)](https://travis-ci.org/sindresorhus/load-json-file)\n\n> Read and parse a JSON file\n\n[Strips UTF-8 BOM](https://github.com/sindresorhus/strip-bom), uses [`graceful-fs`](https://github.com/isaacs/node-graceful-fs), and throws more [helpful JSON errors](https://github.com/sindresorhus/parse-json).\n\n\n## Install\n\n```\n$ npm install --save load-json-file\n```\n\n\n## Usage\n\n```js\nconst loadJsonFile = require('load-json-file');\n\nloadJsonFile('foo.json').then(json => {\n\tconsole.log(json);\n\t//=> {foo: true}\n});\n```\n\n\n## API\n\n### loadJsonFile(filepath)\n\nReturns a promise that resolves to the parsed JSON.\n\n### loadJsonFile.sync(filepath)\n\nReturns the parsed JSON.\n\n\n## Related\n\n- [write-json-file](https://github.com/sindresorhus/write-json-file) - Stringify and write JSON to a file atomically\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\load-json-file", + "error": "[Circular]", + "extraneous": false + }, + "normalize-package-data": { + "_args": [ + [ + "normalize-package-data@^2.3.2", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/read-pkg" + ], + [ + "normalize-package-data@2.3.5", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "normalize-package-data@>=2.3.2 <3.0.0", + "_id": "normalize-package-data@2.3.5", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/normalize-package-data", + "_nodeVersion": "5.0.0", + "_npmUser": { + "email": "me@re-becca.org", + "name": "iarna" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "normalize-package-data@2.3.5", + "name": "normalize-package-data", + "escapedName": "normalize-package-data", + "rawSpec": "2.3.5", + "saveSpec": "[Circular]", + "fetchSpec": "2.3.5" + }, + "_requiredBy": [ + "/bundle-dependencies/read-pkg" + ], + "_resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.3.5.tgz", + "_shasum": "8d924f142960e1777e7ffe170543631cc7cb02df", + "_shrinkwrap": "[Circular]", + "_spec": "2.3.5", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Meryn Stol", + "email": "merynstol@gmail.com" + }, + "bugs": { + "url": "https://github.com/npm/normalize-package-data/issues" + }, + "contributors": [ + { + "name": "Isaac Z. Schlueter", + "email": "i@izs.me" + }, + { + "name": "Meryn Stol", + "email": "merynstol@gmail.com" + }, + { + "name": "Robert Kowalski", + "email": "rok@kowalski.gd" + } + ], + "dependencies": { + "hosted-git-info": { + "_args": [ + [ + "hosted-git-info@^2.1.4", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/normalize-package-data" + ], + [ + "hosted-git-info@2.1.4", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "hosted-git-info@>=2.1.4 <3.0.0", + "_id": "hosted-git-info@2.1.4", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/hosted-git-info", + "_nodeVersion": "2.0.2", + "_npmUser": { + "email": "ogd@aoaioxxysz.net", + "name": "othiym23" + }, + "_npmVersion": "2.10.1", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "hosted-git-info@2.1.4", + "name": "hosted-git-info", + "escapedName": "hosted-git-info", + "rawSpec": "2.1.4", + "saveSpec": "[Circular]", + "fetchSpec": "2.1.4" + }, + "_requiredBy": [ + "/bundle-dependencies/normalize-package-data" + ], + "_resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.1.4.tgz", + "_shasum": "d9e953b26988be88096c46e926494d9604c300f8", + "_shrinkwrap": "[Circular]", + "_spec": "2.1.4", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Rebecca Turner", + "email": "me@re-becca.org", + "url": "http://re-becca.org" + }, + "bugs": { + "url": "https://github.com/npm/hosted-git-info/issues" + }, + "dependencies": {}, + "description": "Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab", + "devDependencies": { + "standard": "^3.3.2", + "tap": "^0.4.13" + }, + "directories": {}, + "dist": { + "shasum": "d9e953b26988be88096c46e926494d9604c300f8", + "tarball": "http://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.1.4.tgz" + }, + "gitHead": "9e1a36df8eb050a663713c79e56d89dadba2bd8d", + "homepage": "https://github.com/npm/hosted-git-info", + "keywords": [ + "git", + "github", + "bitbucket", + "gitlab" + ], + "license": "ISC", + "main": "index.js", + "maintainers": [ + { + "name": "iarna", + "email": "me@re-becca.org" + }, + { + "name": "othiym23", + "email": "ogd@aoaioxxysz.net" + } + ], + "name": "hosted-git-info", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/npm/hosted-git-info.git" + }, + "scripts": { + "test": "standard && tap test/*.js" + }, + "version": "2.1.4", + "readme": "# hosted-git-info\n\nThis will let you identify and transform various git hosts URLs between\nprotocols. It also can tell you what the URL is for the raw path for\nparticular file for direct access without git.\n\n## Usage\n\n```javascript\nvar hostedGitInfo = require(\"hosted-git-info\")\nvar info = hostedGitInfo.fromUrl(\"git@github.com:npm/hosted-git-info.git\")\n/* info looks like:\n{\n type: \"github\",\n domain: \"github.com\",\n user: \"npm\",\n project: \"hosted-git-info\"\n}\n*/\n```\n\nIf the URL can't be matched with a git host, `null` will be returned. We\ncan match git, ssh and https urls. Additionally, we can match ssh connect\nstrings (`git@github.com:npm/hosted-git-info`) and shortcuts (eg,\n`github:npm/hosted-git-info`). Github specifically, is detected in the case\nof a third, unprefixed, form: `npm/hosted-git-info`.\n\nIf it does match, the returned object has properties of:\n\n* info.type -- The short name of the service\n* info.domain -- The domain for git protocol use\n* info.user -- The name of the user/org on the git host\n* info.project -- The name of the project on the git host\n\nAnd methods of:\n\n* info.file(path)\n\nGiven the path of a file relative to the repository, returns a URL for\ndirectly fetching it from the githost. If no committish was set then\n`master` will be used as the default.\n\nFor example `hostedGitInfo.fromUrl(\"git@github.com:npm/hosted-git-info.git#v1.0.0\").file(\"package.json\")`\nwould return `https://raw.githubusercontent.com/npm/hosted-git-info/v1.0.0/package.json`\n\n* info.shortcut()\n\neg, `github:npm/hosted-git-info`\n\n* info.browse()\n\neg, `https://github.com/npm/hosted-git-info/tree/v1.2.0`\n\n* info.bugs()\n\neg, `https://github.com/npm/hosted-git-info/issues`\n\n* info.docs()\n\neg, `https://github.com/npm/hosted-git-info/tree/v1.2.0#readme`\n\n* info.https()\n\neg, `git+https://github.com/npm/hosted-git-info.git`\n\n* info.sshurl()\n\neg, `git+ssh://git@github.com/npm/hosted-git-info.git`\n\n* info.ssh()\n\neg, `git@github.com:npm/hosted-git-info.git`\n\n* info.path()\n\neg, `npm/hosted-git-info`\n\n* info.getDefaultRepresentation()\n\nReturns the default output type. The default output type is based on the\nstring you passed in to be parsed\n\n* info.toString()\n\nUses the getDefaultRepresentation to call one of the other methods to get a URL for\nthis resource. As such `hostedGitInfo.fromUrl(url).toString()` will give\nyou a normalized version of the URL that still uses the same protocol.\n\nShortcuts will still be returned as shortcuts, but the special case github\nform of `org/project` will be normalized to `github:org/project`.\n\nSSH connect strings will be normalized into `git+ssh` URLs.\n\n\n## Supported hosts\n\nCurrently this supports Github, Bitbucket and Gitlab. Pull requests for\nadditional hosts welcome.\n\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\hosted-git-info", + "error": "[Circular]", + "extraneous": false + }, + "is-builtin-module": { + "_args": [ + [ + "is-builtin-module@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/normalize-package-data" + ], + [ + "is-builtin-module@1.0.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "is-builtin-module@>=1.0.0 <2.0.0", + "_id": "is-builtin-module@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/is-builtin-module", + "_nodeVersion": "0.12.2", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.7.4", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "is-builtin-module@1.0.0", + "name": "is-builtin-module", + "escapedName": "is-builtin-module", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/normalize-package-data" + ], + "_resolved": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-1.0.0.tgz", + "_shasum": "540572d34f7ac3119f8f76c30cbc1b1e037affbe", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/is-builtin-module/issues" + }, + "dependencies": { + "builtin-modules": { + "_args": [ + [ + "builtin-modules@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/is-builtin-module" + ], + [ + "builtin-modules@1.1.1", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "builtin-modules@>=1.0.0 <2.0.0", + "_id": "builtin-modules@1.1.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/builtin-modules", + "_nodeVersion": "5.3.0", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "3.3.12", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "builtin-modules@1.1.1", + "name": "builtin-modules", + "escapedName": "builtin-modules", + "rawSpec": "1.1.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.1" + }, + "_requiredBy": [ + "/bundle-dependencies/is-builtin-module" + ], + "_resolved": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-1.1.1.tgz", + "_shasum": "270f076c5a72c02f5b65a47df94c5fe3a278892f", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.1", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/builtin-modules/issues" + }, + "dependencies": {}, + "description": "List of the Node.js builtin modules", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "270f076c5a72c02f5b65a47df94c5fe3a278892f", + "tarball": "http://registry.npmjs.org/builtin-modules/-/builtin-modules-1.1.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js", + "static.js", + "builtin-modules.json" + ], + "gitHead": "0ea253452b1d8cb3a70d16464f909dbc0bc370fe", + "homepage": "https://github.com/sindresorhus/builtin-modules#readme", + "keywords": [ + "builtin", + "built-in", + "builtins", + "node", + "modules", + "core", + "bundled", + "list", + "array", + "names" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "builtin-modules", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/builtin-modules.git" + }, + "scripts": { + "make": "node make.js", + "test": "xo && ava" + }, + "version": "1.1.1", + "readme": "# builtin-modules [![Build Status](https://travis-ci.org/sindresorhus/builtin-modules.svg?branch=master)](https://travis-ci.org/sindresorhus/builtin-modules)\n\n> List of the Node.js builtin modules\n\nThe list is just a [JSON file](builtin-modules.json) and can be used wherever.\n\n\n## Install\n\n```\n$ npm install --save builtin-modules\n```\n\n\n## Usage\n\n```js\nvar builtinModules = require('builtin-modules');\n\nconsole.log(builinModules);\n//=> ['assert', 'buffer', ...]\n```\n\n\n## API\n\nReturns an array of builtin modules fetched from the running Node.js version.\n\n### Static list\n\nThis module also comes bundled with a static array of builtin modules generated from the latest Node.js version. You can get it with `require('builtin-modules/static');`\n\n\n## Related\n\n- [is-builtin-module](https://github.com/sindresorhus/is-builtin-module) - Check if a string matches the name of a Node.js builtin module\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\builtin-modules", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Check if a string matches the name of a Node.js builtin module", + "devDependencies": { + "ava": "0.0.4" + }, + "directories": {}, + "dist": { + "shasum": "540572d34f7ac3119f8f76c30cbc1b1e037affbe", + "tarball": "http://registry.npmjs.org/is-builtin-module/-/is-builtin-module-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "da55ebf031f3864c5d309e25e49ed816957d70a2", + "homepage": "https://github.com/sindresorhus/is-builtin-module", + "keywords": [ + "builtin", + "built-in", + "builtins", + "node", + "modules", + "core", + "bundled", + "list", + "array", + "names", + "is", + "detect", + "check", + "match" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "is-builtin-module", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/is-builtin-module.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.0", + "readme": "# is-builtin-module [![Build Status](https://travis-ci.org/sindresorhus/is-builtin-module.svg?branch=master)](https://travis-ci.org/sindresorhus/is-builtin-module)\n\n> Check if a string matches the name of a Node.js builtin module\n\n\n## Install\n\n```\n$ npm install --save is-builtin-module\n```\n\n\n## Usage\n\n```js\nvar isBuiltinModule = require('is-builtin-module');\n\nisBuiltinModule('fs');\n//=> true\n\nisBuiltinModule('unicorn');\n//=> false :(\n```\n\n\n## Related\n\n- [builtin-modules](https://github.com/sindresorhus/builtin-modules) - List of the Node.js builtin modules\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "builtin-modules": "^1.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-builtin-module", + "error": "[Circular]", + "extraneous": false + }, + "semver": { + "_args": [ + [ + "semver@2 || 3 || 4 || 5", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/normalize-package-data" + ], + [ + "semver@5.1.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "semver@>=2.0.0 <3.0.0||>=3.0.0 <4.0.0||>=4.0.0 <5.0.0||>=5.0.0 <6.0.0", + "_id": "semver@5.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/semver", + "_nodeVersion": "4.0.0", + "_npmUser": { + "email": "i@izs.me", + "name": "isaacs" + }, + "_npmVersion": "3.3.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "semver@5.1.0", + "name": "semver", + "escapedName": "semver", + "rawSpec": "5.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "5.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/normalize-package-data" + ], + "_resolved": "https://registry.npmjs.org/semver/-/semver-5.1.0.tgz", + "_shasum": "85f2cf8550465c4df000cf7d86f6b054106ab9e5", + "_shrinkwrap": "[Circular]", + "_spec": "5.1.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "bin": { + "semver": "bin/semver" + }, + "bugs": { + "url": "https://github.com/npm/node-semver/issues" + }, + "dependencies": {}, + "description": "The semantic version parser used by npm.", + "devDependencies": { + "tap": "^2.0.0" + }, + "directories": {}, + "dist": { + "shasum": "85f2cf8550465c4df000cf7d86f6b054106ab9e5", + "tarball": "http://registry.npmjs.org/semver/-/semver-5.1.0.tgz" + }, + "gitHead": "8e33a30e62e40e4983d1c5f55e794331b861aadc", + "homepage": "https://github.com/npm/node-semver#readme", + "license": "ISC", + "main": "semver.js", + "maintainers": [ + { + "name": "isaacs", + "email": "isaacs@npmjs.com" + }, + { + "name": "othiym23", + "email": "ogd@aoaioxxysz.net" + } + ], + "name": "semver", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/npm/node-semver.git" + }, + "scripts": { + "test": "tap test/*.js" + }, + "version": "5.1.0", + "readme": "semver(1) -- The semantic versioner for npm\n===========================================\n\n## Usage\n\n $ npm install semver\n\n semver.valid('1.2.3') // '1.2.3'\n semver.valid('a.b.c') // null\n semver.clean(' =v1.2.3 ') // '1.2.3'\n semver.satisfies('1.2.3', '1.x || >=2.5.0 || 5.0.0 - 7.2.3') // true\n semver.gt('1.2.3', '9.8.7') // false\n semver.lt('1.2.3', '9.8.7') // true\n\nAs a command-line utility:\n\n $ semver -h\n\n Usage: semver [ [...]] [-r | -i | --preid | -l | -rv]\n Test if version(s) satisfy the supplied range(s), and sort them.\n\n Multiple versions or ranges may be supplied, unless increment\n option is specified. In that case, only a single version may\n be used, and it is incremented by the specified level\n\n Program exits successfully if any valid version satisfies\n all supplied ranges, and prints all satisfying versions.\n\n If no versions are valid, or ranges are not satisfied,\n then exits failure.\n\n Versions are printed in ascending order, so supplying\n multiple versions to the utility will just sort them.\n\n## Versions\n\nA \"version\" is described by the `v2.0.0` specification found at\n.\n\nA leading `\"=\"` or `\"v\"` character is stripped off and ignored.\n\n## Ranges\n\nA `version range` is a set of `comparators` which specify versions\nthat satisfy the range.\n\nA `comparator` is composed of an `operator` and a `version`. The set\nof primitive `operators` is:\n\n* `<` Less than\n* `<=` Less than or equal to\n* `>` Greater than\n* `>=` Greater than or equal to\n* `=` Equal. If no operator is specified, then equality is assumed,\n so this operator is optional, but MAY be included.\n\nFor example, the comparator `>=1.2.7` would match the versions\n`1.2.7`, `1.2.8`, `2.5.3`, and `1.3.9`, but not the versions `1.2.6`\nor `1.1.0`.\n\nComparators can be joined by whitespace to form a `comparator set`,\nwhich is satisfied by the **intersection** of all of the comparators\nit includes.\n\nA range is composed of one or more comparator sets, joined by `||`. A\nversion matches a range if and only if every comparator in at least\none of the `||`-separated comparator sets is satisfied by the version.\n\nFor example, the range `>=1.2.7 <1.3.0` would match the versions\n`1.2.7`, `1.2.8`, and `1.2.99`, but not the versions `1.2.6`, `1.3.0`,\nor `1.1.0`.\n\nThe range `1.2.7 || >=1.2.9 <2.0.0` would match the versions `1.2.7`,\n`1.2.9`, and `1.4.6`, but not the versions `1.2.8` or `2.0.0`.\n\n### Prerelease Tags\n\nIf a version has a prerelease tag (for example, `1.2.3-alpha.3`) then\nit will only be allowed to satisfy comparator sets if at least one\ncomparator with the same `[major, minor, patch]` tuple also has a\nprerelease tag.\n\nFor example, the range `>1.2.3-alpha.3` would be allowed to match the\nversion `1.2.3-alpha.7`, but it would *not* be satisfied by\n`3.4.5-alpha.9`, even though `3.4.5-alpha.9` is technically \"greater\nthan\" `1.2.3-alpha.3` according to the SemVer sort rules. The version\nrange only accepts prerelease tags on the `1.2.3` version. The\nversion `3.4.5` *would* satisfy the range, because it does not have a\nprerelease flag, and `3.4.5` is greater than `1.2.3-alpha.7`.\n\nThe purpose for this behavior is twofold. First, prerelease versions\nfrequently are updated very quickly, and contain many breaking changes\nthat are (by the author's design) not yet fit for public consumption.\nTherefore, by default, they are excluded from range matching\nsemantics.\n\nSecond, a user who has opted into using a prerelease version has\nclearly indicated the intent to use *that specific* set of\nalpha/beta/rc versions. By including a prerelease tag in the range,\nthe user is indicating that they are aware of the risk. However, it\nis still not appropriate to assume that they have opted into taking a\nsimilar risk on the *next* set of prerelease versions.\n\n#### Prerelease Identifiers\n\nThe method `.inc` takes an additional `identifier` string argument that\nwill append the value of the string as a prerelease identifier:\n\n```javascript\n> semver.inc('1.2.3', 'prerelease', 'beta')\n'1.2.4-beta.0'\n```\n\ncommand-line example:\n\n```shell\n$ semver 1.2.3 -i prerelease --preid beta\n1.2.4-beta.0\n```\n\nWhich then can be used to increment further:\n\n```shell\n$ semver 1.2.4-beta.0 -i prerelease\n1.2.4-beta.1\n```\n\n### Advanced Range Syntax\n\nAdvanced range syntax desugars to primitive comparators in\ndeterministic ways.\n\nAdvanced ranges may be combined in the same way as primitive\ncomparators using white space or `||`.\n\n#### Hyphen Ranges `X.Y.Z - A.B.C`\n\nSpecifies an inclusive set.\n\n* `1.2.3 - 2.3.4` := `>=1.2.3 <=2.3.4`\n\nIf a partial version is provided as the first version in the inclusive\nrange, then the missing pieces are replaced with zeroes.\n\n* `1.2 - 2.3.4` := `>=1.2.0 <=2.3.4`\n\nIf a partial version is provided as the second version in the\ninclusive range, then all versions that start with the supplied parts\nof the tuple are accepted, but nothing that would be greater than the\nprovided tuple parts.\n\n* `1.2.3 - 2.3` := `>=1.2.3 <2.4.0`\n* `1.2.3 - 2` := `>=1.2.3 <3.0.0`\n\n#### X-Ranges `1.2.x` `1.X` `1.2.*` `*`\n\nAny of `X`, `x`, or `*` may be used to \"stand in\" for one of the\nnumeric values in the `[major, minor, patch]` tuple.\n\n* `*` := `>=0.0.0` (Any version satisfies)\n* `1.x` := `>=1.0.0 <2.0.0` (Matching major version)\n* `1.2.x` := `>=1.2.0 <1.3.0` (Matching major and minor versions)\n\nA partial version range is treated as an X-Range, so the special\ncharacter is in fact optional.\n\n* `\"\"` (empty string) := `*` := `>=0.0.0`\n* `1` := `1.x.x` := `>=1.0.0 <2.0.0`\n* `1.2` := `1.2.x` := `>=1.2.0 <1.3.0`\n\n#### Tilde Ranges `~1.2.3` `~1.2` `~1`\n\nAllows patch-level changes if a minor version is specified on the\ncomparator. Allows minor-level changes if not.\n\n* `~1.2.3` := `>=1.2.3 <1.(2+1).0` := `>=1.2.3 <1.3.0`\n* `~1.2` := `>=1.2.0 <1.(2+1).0` := `>=1.2.0 <1.3.0` (Same as `1.2.x`)\n* `~1` := `>=1.0.0 <(1+1).0.0` := `>=1.0.0 <2.0.0` (Same as `1.x`)\n* `~0.2.3` := `>=0.2.3 <0.(2+1).0` := `>=0.2.3 <0.3.0`\n* `~0.2` := `>=0.2.0 <0.(2+1).0` := `>=0.2.0 <0.3.0` (Same as `0.2.x`)\n* `~0` := `>=0.0.0 <(0+1).0.0` := `>=0.0.0 <1.0.0` (Same as `0.x`)\n* `~1.2.3-beta.2` := `>=1.2.3-beta.2 <1.3.0` Note that prereleases in\n the `1.2.3` version will be allowed, if they are greater than or\n equal to `beta.2`. So, `1.2.3-beta.4` would be allowed, but\n `1.2.4-beta.2` would not, because it is a prerelease of a\n different `[major, minor, patch]` tuple.\n\n#### Caret Ranges `^1.2.3` `^0.2.5` `^0.0.4`\n\nAllows changes that do not modify the left-most non-zero digit in the\n`[major, minor, patch]` tuple. In other words, this allows patch and\nminor updates for versions `1.0.0` and above, patch updates for\nversions `0.X >=0.1.0`, and *no* updates for versions `0.0.X`.\n\nMany authors treat a `0.x` version as if the `x` were the major\n\"breaking-change\" indicator.\n\nCaret ranges are ideal when an author may make breaking changes\nbetween `0.2.4` and `0.3.0` releases, which is a common practice.\nHowever, it presumes that there will *not* be breaking changes between\n`0.2.4` and `0.2.5`. It allows for changes that are presumed to be\nadditive (but non-breaking), according to commonly observed practices.\n\n* `^1.2.3` := `>=1.2.3 <2.0.0`\n* `^0.2.3` := `>=0.2.3 <0.3.0`\n* `^0.0.3` := `>=0.0.3 <0.0.4`\n* `^1.2.3-beta.2` := `>=1.2.3-beta.2 <2.0.0` Note that prereleases in\n the `1.2.3` version will be allowed, if they are greater than or\n equal to `beta.2`. So, `1.2.3-beta.4` would be allowed, but\n `1.2.4-beta.2` would not, because it is a prerelease of a\n different `[major, minor, patch]` tuple.\n* `^0.0.3-beta` := `>=0.0.3-beta <0.0.4` Note that prereleases in the\n `0.0.3` version *only* will be allowed, if they are greater than or\n equal to `beta`. So, `0.0.3-pr.2` would be allowed.\n\nWhen parsing caret ranges, a missing `patch` value desugars to the\nnumber `0`, but will allow flexibility within that value, even if the\nmajor and minor versions are both `0`.\n\n* `^1.2.x` := `>=1.2.0 <2.0.0`\n* `^0.0.x` := `>=0.0.0 <0.1.0`\n* `^0.0` := `>=0.0.0 <0.1.0`\n\nA missing `minor` and `patch` values will desugar to zero, but also\nallow flexibility within those values, even if the major version is\nzero.\n\n* `^1.x` := `>=1.0.0 <2.0.0`\n* `^0.x` := `>=0.0.0 <1.0.0`\n\n### Range Grammar\n\nPutting all this together, here is a Backus-Naur grammar for ranges,\nfor the benefit of parser authors:\n\n```bnf\nrange-set ::= range ( logical-or range ) *\nlogical-or ::= ( ' ' ) * '||' ( ' ' ) *\nrange ::= hyphen | simple ( ' ' simple ) * | ''\nhyphen ::= partial ' - ' partial\nsimple ::= primitive | partial | tilde | caret\nprimitive ::= ( '<' | '>' | '>=' | '<=' | '=' | ) partial\npartial ::= xr ( '.' xr ( '.' xr qualifier ? )? )?\nxr ::= 'x' | 'X' | '*' | nr\nnr ::= '0' | ['1'-'9']['0'-'9']+\ntilde ::= '~' partial\ncaret ::= '^' partial\nqualifier ::= ( '-' pre )? ( '+' build )?\npre ::= parts\nbuild ::= parts\nparts ::= part ( '.' part ) *\npart ::= nr | [-0-9A-Za-z]+\n```\n\n## Functions\n\nAll methods and classes take a final `loose` boolean argument that, if\ntrue, will be more forgiving about not-quite-valid semver strings.\nThe resulting output will always be 100% strict, of course.\n\nStrict-mode Comparators and Ranges will be strict about the SemVer\nstrings that they parse.\n\n* `valid(v)`: Return the parsed version, or null if it's not valid.\n* `inc(v, release)`: Return the version incremented by the release\n type (`major`, `premajor`, `minor`, `preminor`, `patch`,\n `prepatch`, or `prerelease`), or null if it's not valid\n * `premajor` in one call will bump the version up to the next major\n version and down to a prerelease of that major version.\n `preminor`, and `prepatch` work the same way.\n * If called from a non-prerelease version, the `prerelease` will work the\n same as `prepatch`. It increments the patch version, then makes a\n prerelease. If the input version is already a prerelease it simply\n increments it.\n* `major(v)`: Return the major version number.\n* `minor(v)`: Return the minor version number.\n* `patch(v)`: Return the patch version number.\n\n### Comparison\n\n* `gt(v1, v2)`: `v1 > v2`\n* `gte(v1, v2)`: `v1 >= v2`\n* `lt(v1, v2)`: `v1 < v2`\n* `lte(v1, v2)`: `v1 <= v2`\n* `eq(v1, v2)`: `v1 == v2` This is true if they're logically equivalent,\n even if they're not the exact same string. You already know how to\n compare strings.\n* `neq(v1, v2)`: `v1 != v2` The opposite of `eq`.\n* `cmp(v1, comparator, v2)`: Pass in a comparison string, and it'll call\n the corresponding function above. `\"===\"` and `\"!==\"` do simple\n string comparison, but are included for completeness. Throws if an\n invalid comparison string is provided.\n* `compare(v1, v2)`: Return `0` if `v1 == v2`, or `1` if `v1` is greater, or `-1` if\n `v2` is greater. Sorts in ascending order if passed to `Array.sort()`.\n* `rcompare(v1, v2)`: The reverse of compare. Sorts an array of versions\n in descending order when passed to `Array.sort()`.\n* `diff(v1, v2)`: Returns difference between two versions by the release type\n (`major`, `premajor`, `minor`, `preminor`, `patch`, `prepatch`, or `prerelease`),\n or null if the versions are the same.\n\n\n### Ranges\n\n* `validRange(range)`: Return the valid range or null if it's not valid\n* `satisfies(version, range)`: Return true if the version satisfies the\n range.\n* `maxSatisfying(versions, range)`: Return the highest version in the list\n that satisfies the range, or `null` if none of them do.\n* `gtr(version, range)`: Return `true` if version is greater than all the\n versions possible in the range.\n* `ltr(version, range)`: Return `true` if version is less than all the\n versions possible in the range.\n* `outside(version, range, hilo)`: Return true if the version is outside\n the bounds of the range in either the high or low direction. The\n `hilo` argument must be either the string `'>'` or `'<'`. (This is\n the function called by `gtr` and `ltr`.)\n\nNote that, since ranges may be non-contiguous, a version might not be\ngreater than a range, less than a range, *or* satisfy a range! For\nexample, the range `1.2 <1.2.9 || >2.0.0` would have a hole from `1.2.9`\nuntil `2.0.0`, so the version `1.2.10` would not be greater than the\nrange (because `2.0.1` satisfies, which is higher), nor less than the\nrange (since `1.2.8` satisfies, which is lower), and it also does not\nsatisfy the range.\n\nIf you want to know if a version satisfies or does not satisfy a\nrange, use the `satisfies(version, range)` function.\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\semver", + "error": "[Circular]", + "extraneous": false + }, + "validate-npm-package-license": { + "_args": [ + [ + "validate-npm-package-license@^3.0.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/normalize-package-data" + ], + [ + "validate-npm-package-license@3.0.1", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "validate-npm-package-license@>=3.0.1 <4.0.0", + "_id": "validate-npm-package-license@3.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/validate-npm-package-license", + "_nodeVersion": "0.12.7", + "_npmUser": { + "email": "kyle@kemitchell.com", + "name": "kemitchell" + }, + "_npmVersion": "2.13.5", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "validate-npm-package-license@3.0.1", + "name": "validate-npm-package-license", + "escapedName": "validate-npm-package-license", + "rawSpec": "3.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "3.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/normalize-package-data" + ], + "_resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz", + "_shasum": "2804babe712ad3379459acfbe24746ab2c303fbc", + "_shrinkwrap": "[Circular]", + "_spec": "3.0.1", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Kyle E. Mitchell", + "email": "kyle@kemitchell.com", + "url": "https://kemitchell.com" + }, + "bugs": { + "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues" + }, + "dependencies": { + "spdx-correct": { + "_args": [ + [ + "spdx-correct@~1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/validate-npm-package-license" + ], + [ + "spdx-correct@1.0.2", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "spdx-correct@>=1.0.0 <1.1.0", + "_id": "spdx-correct@1.0.2", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/spdx-correct", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "kyle@kemitchell.com", + "name": "kemitchell" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "spdx-correct@1.0.2", + "name": "spdx-correct", + "escapedName": "spdx-correct", + "rawSpec": "1.0.2", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.2" + }, + "_requiredBy": [ + "/bundle-dependencies/validate-npm-package-license" + ], + "_resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-1.0.2.tgz", + "_shasum": "4b3073d933ff51f3912f03ac5519498a4150db40", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.2", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Kyle E. Mitchell", + "email": "kyle@kemitchell.com", + "url": "https://kemitchell.com" + }, + "bugs": { + "url": "https://github.com/kemitchell/spdx-correct.js/issues" + }, + "dependencies": { + "spdx-license-ids": { + "_args": [ + [ + "spdx-license-ids@^1.0.2", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/spdx-correct" + ], + [ + "spdx-license-ids@1.2.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "spdx-license-ids@>=1.0.2 <2.0.0", + "_id": "spdx-license-ids@1.2.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/spdx-license-ids", + "_nodeVersion": "5.4.0", + "_npmUser": { + "email": "snnskwtnb@gmail.com", + "name": "shinnn" + }, + "_npmVersion": "3.5.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "spdx-license-ids@1.2.0", + "name": "spdx-license-ids", + "escapedName": "spdx-license-ids", + "rawSpec": "1.2.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.2.0" + }, + "_requiredBy": [ + "/bundle-dependencies/spdx-correct", + "/bundle-dependencies/spdx-expression-parse" + ], + "_resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-1.2.0.tgz", + "_shasum": "b549dd0f63dcb745a17e2ea3a07402e0e332d1e2", + "_shrinkwrap": "[Circular]", + "_spec": "1.2.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Shinnosuke Watanabe", + "url": "https://github.com/shinnn" + }, + "bugs": { + "url": "https://github.com/shinnn/spdx-license-ids/issues" + }, + "dependencies": {}, + "description": "A list of SPDX license identifiers", + "devDependencies": { + "@shinnn/eslintrc": "^1.0.0", + "each-async": "^1.1.1", + "eslint": "^0.24.0", + "got": "^3.3.0", + "istanbul": "^0.3.17", + "require-bower-files": "^2.0.0", + "rimraf": "^2.4.1", + "stringify-object": "^2.2.0", + "tape": "^4.0.0" + }, + "directories": {}, + "dist": { + "shasum": "b549dd0f63dcb745a17e2ea3a07402e0e332d1e2", + "tarball": "http://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-1.2.0.tgz" + }, + "files": [ + "spdx-license-ids.json" + ], + "gitHead": "f74a7a16ca05540e0e97f1bbb61da07829b5d9ab", + "homepage": "https://github.com/shinnn/spdx-license-ids#readme", + "keywords": [ + "spdx", + "license", + "licenses", + "id", + "identifier", + "identifiers", + "json", + "array", + "oss", + "browser", + "client-side" + ], + "license": "Unlicense", + "main": "spdx-license-ids.json", + "maintainers": [ + { + "name": "shinnn", + "email": "snnskwtnb@gmail.com" + } + ], + "name": "spdx-license-ids", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/shinnn/spdx-license-ids.git" + }, + "scripts": { + "build": "node --harmony_arrow_functions build.js", + "coverage": "node --harmony_arrow_functions node_modules/.bin/istanbul cover test.js", + "coveralls": "${npm_package_scripts_coverage} && istanbul-coveralls", + "lint": "eslint --config node_modules/@shinnn/eslintrc/rc.json --ignore-path .gitignore .", + "pretest": "${npm_package_scripts_build} && ${npm_package_scripts_lint}", + "test": "node --harmony_arrow_functions test.js" + }, + "version": "1.2.0", + "readme": "# spdx-license-ids\n\nA list of [SPDX license](https://spdx.org/licenses/) identifiers\n\n[**Download JSON**](https://raw.githubusercontent.com/shinnn/spdx-license-ids/master/spdx-license-ids.json)\n\n## Use as a JavaScript Library\n\n[![NPM version](https://img.shields.io/npm/v/spdx-license-ids.svg)](https://www.npmjs.org/package/spdx-license-ids)\n[![Bower version](https://img.shields.io/bower/v/spdx-license-ids.svg)](https://github.com/shinnn/spdx-license-ids/releases)\n[![Build Status](https://travis-ci.org/shinnn/spdx-license-ids.svg?branch=master)](https://travis-ci.org/shinnn/spdx-license-ids)\n[![Coverage Status](https://img.shields.io/coveralls/shinnn/spdx-license-ids.svg)](https://coveralls.io/r/shinnn/spdx-license-ids)\n[![devDependency Status](https://david-dm.org/shinnn/spdx-license-ids/dev-status.svg)](https://david-dm.org/shinnn/spdx-license-ids#info=devDependencies)\n\n### Installation\n\n#### Package managers\n\n##### [npm](https://www.npmjs.com/)\n\n```sh\nnpm install spdx-license-ids\n```\n\n##### [bower](http://bower.io/)\n\n```sh\nbower install spdx-license-ids\n```\n\n##### [Duo](http://duojs.org/)\n\n```javascript\nconst spdxLicenseIds = require('shinnn/spdx-license-ids');\n```\n\n#### Standalone\n\n[Download the script file directly.](https://raw.githubusercontent.com/shinnn/spdx-license-ids/master/spdx-license-ids-browser.js)\n\n### API\n\n#### spdxLicenseIds\n\nType: `Array` of `String`\n\nIt returns an array of SPDX license identifiers.\n\n```javascript\nconst spdxLicenseIds = require('spdx-license-ids'); //=> ['Glide', 'Abstyles', 'AFL-1.1', ... ]\n```\n\n## License\n\n[The Unlicense](./LICENSE).\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-license-ids", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "correct invalid SPDX identifiers", + "devDependencies": { + "defence-cli": "^1.0.1", + "replace-require-self": "^1.0.0", + "spdx-expression-parse": "^1.0.0", + "tape": "~4.0.0" + }, + "directories": {}, + "dist": { + "shasum": "4b3073d933ff51f3912f03ac5519498a4150db40", + "tarball": "http://registry.npmjs.org/spdx-correct/-/spdx-correct-1.0.2.tgz" + }, + "gitHead": "8430a3ad521e1455208db33faafcb79c7b074236", + "homepage": "https://github.com/kemitchell/spdx-correct.js#readme", + "keywords": [ + "SPDX", + "law", + "legal", + "license", + "metadata" + ], + "license": "Apache-2.0", + "maintainers": [ + { + "name": "kemitchell", + "email": "kyle@kemitchell.com" + }, + { + "name": "othiym23", + "email": "ogd@aoaioxxysz.net" + } + ], + "name": "spdx-correct", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/kemitchell/spdx-correct.js.git" + }, + "scripts": { + "test": "defence README.md | replace-require-self | node && tape *.test.js" + }, + "version": "1.0.2", + "readme": "```javascript\nvar correct = require('spdx-correct');\nvar assert = require('assert');\n\nassert.equal(correct('mit'), 'MIT')\n\nassert.equal(correct('Apache 2'), 'Apache-2.0')\n\nassert(correct('No idea what license') === null)\n```\n", + "readmeFilename": "README.md", + "_dependencies": { + "spdx-license-ids": "^1.0.2" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-correct", + "error": "[Circular]", + "extraneous": false + }, + "spdx-expression-parse": { + "_args": [ + [ + "spdx-expression-parse@~1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/validate-npm-package-license" + ], + [ + "spdx-expression-parse@1.0.2", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "spdx-expression-parse@>=1.0.0 <1.1.0", + "_id": "spdx-expression-parse@1.0.2", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/spdx-expression-parse", + "_nodeVersion": "5.0.0", + "_npmUser": { + "email": "kyle@kemitchell.com", + "name": "kemitchell" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "spdx-expression-parse@1.0.2", + "name": "spdx-expression-parse", + "escapedName": "spdx-expression-parse", + "rawSpec": "1.0.2", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.2" + }, + "_requiredBy": [ + "/bundle-dependencies/validate-npm-package-license" + ], + "_resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-1.0.2.tgz", + "_shasum": "d52b14b5e9670771440af225bcb563122ac452f6", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.2", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Kyle E. Mitchell", + "email": "kyle@kemitchell.com", + "url": "http://kemitchell.com" + }, + "bugs": { + "url": "https://github.com/kemitchell/spdx-expression-parse.js/issues" + }, + "dependencies": { + "spdx-exceptions": { + "_args": [ + [ + "spdx-exceptions@^1.0.4", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/spdx-expression-parse" + ], + [ + "spdx-exceptions@1.0.4", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "spdx-exceptions@>=1.0.4 <2.0.0", + "_id": "spdx-exceptions@1.0.4", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/spdx-exceptions", + "_nodeVersion": "5.0.0", + "_npmUser": { + "email": "kyle@kemitchell.com", + "name": "kemitchell" + }, + "_npmVersion": "3.3.6", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "spdx-exceptions@1.0.4", + "name": "spdx-exceptions", + "escapedName": "spdx-exceptions", + "rawSpec": "1.0.4", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.4" + }, + "_requiredBy": [ + "/bundle-dependencies/spdx-expression-parse" + ], + "_resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-1.0.4.tgz", + "_shasum": "220b84239119ae9045a892db81a83f4ce16f80fd", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.4", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "The Linux Foundation" + }, + "bugs": { + "url": "https://github.com/kemitchell/spdx-exceptions.json/issues" + }, + "contributors": [ + { + "name": "Kyle E. Mitchell", + "email": "kyle@kemitchell.com", + "url": "https://kemitchell.com/" + } + ], + "dependencies": {}, + "description": "list of SPDX standard license exceptions", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "220b84239119ae9045a892db81a83f4ce16f80fd", + "tarball": "http://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-1.0.4.tgz" + }, + "gitHead": "770316d6c946417ab6efa8533b82d0b61779092b", + "homepage": "https://github.com/kemitchell/spdx-exceptions.json#readme", + "license": "CC-BY-3.0", + "maintainers": [ + { + "name": "kemitchell", + "email": "kyle@kemitchell.com" + } + ], + "name": "spdx-exceptions", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/kemitchell/spdx-exceptions.json.git" + }, + "scripts": {}, + "version": "1.0.4", + "readme": "The package exports an array of strings.\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-exceptions", + "error": "[Circular]", + "extraneous": false + }, + "spdx-license-ids": { + "_args": "[Circular]", + "_from": "spdx-license-ids@>=1.0.2 <2.0.0", + "_id": "spdx-license-ids@1.2.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/spdx-license-ids", + "_nodeVersion": "5.4.0", + "_npmUser": "[Circular]", + "_npmVersion": "3.5.2", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "spdx-license-ids@1.2.0", + "name": "spdx-license-ids", + "escapedName": "spdx-license-ids", + "rawSpec": "1.2.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.2.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-1.2.0.tgz", + "_shasum": "b549dd0f63dcb745a17e2ea3a07402e0e332d1e2", + "_shrinkwrap": "[Circular]", + "_spec": "1.2.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "A list of SPDX license identifiers", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "files": "[Circular]", + "gitHead": "f74a7a16ca05540e0e97f1bbb61da07829b5d9ab", + "homepage": "https://github.com/shinnn/spdx-license-ids#readme", + "keywords": "[Circular]", + "license": "Unlicense", + "main": "spdx-license-ids.json", + "maintainers": "[Circular]", + "name": "spdx-license-ids", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.2.0", + "readme": "# spdx-license-ids\n\nA list of [SPDX license](https://spdx.org/licenses/) identifiers\n\n[**Download JSON**](https://raw.githubusercontent.com/shinnn/spdx-license-ids/master/spdx-license-ids.json)\n\n## Use as a JavaScript Library\n\n[![NPM version](https://img.shields.io/npm/v/spdx-license-ids.svg)](https://www.npmjs.org/package/spdx-license-ids)\n[![Bower version](https://img.shields.io/bower/v/spdx-license-ids.svg)](https://github.com/shinnn/spdx-license-ids/releases)\n[![Build Status](https://travis-ci.org/shinnn/spdx-license-ids.svg?branch=master)](https://travis-ci.org/shinnn/spdx-license-ids)\n[![Coverage Status](https://img.shields.io/coveralls/shinnn/spdx-license-ids.svg)](https://coveralls.io/r/shinnn/spdx-license-ids)\n[![devDependency Status](https://david-dm.org/shinnn/spdx-license-ids/dev-status.svg)](https://david-dm.org/shinnn/spdx-license-ids#info=devDependencies)\n\n### Installation\n\n#### Package managers\n\n##### [npm](https://www.npmjs.com/)\n\n```sh\nnpm install spdx-license-ids\n```\n\n##### [bower](http://bower.io/)\n\n```sh\nbower install spdx-license-ids\n```\n\n##### [Duo](http://duojs.org/)\n\n```javascript\nconst spdxLicenseIds = require('shinnn/spdx-license-ids');\n```\n\n#### Standalone\n\n[Download the script file directly.](https://raw.githubusercontent.com/shinnn/spdx-license-ids/master/spdx-license-ids-browser.js)\n\n### API\n\n#### spdxLicenseIds\n\nType: `Array` of `String`\n\nIt returns an array of SPDX license identifiers.\n\n```javascript\nconst spdxLicenseIds = require('spdx-license-ids'); //=> ['Glide', 'Abstyles', 'AFL-1.1', ... ]\n```\n\n## License\n\n[The Unlicense](./LICENSE).\n", + "readmeFilename": "README.md", + "_dependencies": "[Circular]", + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-license-ids", + "error": "[Circular]", + "extraneous": false, + "_deduped": "node_modules\\bundle-dependencies\\node_modules\\spdx-license-ids" + } + }, + "description": "parse SPDX license expressions", + "devDependencies": { + "defence-cli": "^1.0.1", + "jison": "^0.4.15", + "replace-require-self": "^1.0.0", + "uglify-js": "^2.4.24" + }, + "directories": {}, + "dist": { + "shasum": "d52b14b5e9670771440af225bcb563122ac452f6", + "tarball": "http://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-1.0.2.tgz" + }, + "gitHead": "ffe2fa7272ebf640b18286fc561f17a844d4f06b", + "homepage": "https://github.com/kemitchell/spdx-expression-parse.js#readme", + "keywords": [ + "SPDX", + "law", + "legal", + "license", + "metadata", + "package", + "package.json", + "standards" + ], + "license": "(MIT AND CC-BY-3.0)", + "maintainers": [ + { + "name": "kemitchell", + "email": "kyle@kemitchell.com" + } + ], + "name": "spdx-expression-parse", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/kemitchell/spdx-expression-parse.js.git" + }, + "scripts": { + "prepublish": "node generate-parser.js | uglifyjs > parser.generated.js", + "pretest": "npm run prepublish", + "test": "defence -i javascript README.md | replace-require-self | node" + }, + "version": "1.0.2", + "readme": "```javascript\nvar parse = require('spdx-expression-parse')\nvar assert = require('assert')\n\nvar firstAST = {\n left: { license: 'LGPL-2.1' },\n conjunction: 'or',\n right: {\n left: { license: 'BSD-3-Clause' },\n conjunction: 'and',\n right: { license: 'MIT' } } }\n\nassert.deepEqual(\n parse('(LGPL-2.1 OR BSD-3-Clause AND MIT)'),\n firstAST)\n\nvar secondAST = {\n left: { license: 'MIT' },\n conjunction: 'and',\n right: {\n left: {\n\t license: 'LGPL-2.1',\n\t plus: true },\n conjunction: 'and',\n right: { license: 'BSD-3-Clause' } } }\n\nassert.deepEqual(\n parse('(MIT AND (LGPL-2.1+ AND BSD-3-Clause))'),\n secondAST)\n\n// We handle all the bare SPDX license and exception ids as well.\nrequire('spdx-license-ids').forEach(function(id) {\n assert.deepEqual(\n parse(id),\n { license: id })\n require('spdx-exceptions').forEach(function(e) {\n assert.deepEqual(\n parse(id + ' WITH ' + e),\n { license: id, exception: e }) }) })\n```\n\n---\n\n[The Software Package Data Exchange (SPDX) specification](http://spdx.org) is the work of the [Linux Foundation](http://www.linuxfoundation.org) and its contributors, and is licensed under the terms of [the Creative Commons Attribution License 3.0 Unported (SPDX: \"CC-BY-3.0\")](http://spdx.org/licenses/CC-BY-3.0). \"SPDX\" is a United States federally registered trademark of the Linux Foundation.\n", + "readmeFilename": "README.md", + "_dependencies": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-expression-parse", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Give me a string and I'll tell you if it's a valid npm package license string", + "devDependencies": { + "defence-cli": "^1.0.1", + "replace-require-self": "^1.0.0" + }, + "directories": {}, + "dist": { + "shasum": "2804babe712ad3379459acfbe24746ab2c303fbc", + "tarball": "http://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz" + }, + "gitHead": "00200d28f9960985f221bc1a8a71e4760daf39bf", + "homepage": "https://github.com/kemitchell/validate-npm-package-license.js#readme", + "keywords": [ + "license", + "npm", + "package", + "validation" + ], + "license": "Apache-2.0", + "maintainers": [ + { + "name": "kemitchell", + "email": "kyle@kemitchell.com" + }, + { + "name": "othiym23", + "email": "ogd@aoaioxxysz.net" + } + ], + "name": "validate-npm-package-license", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/kemitchell/validate-npm-package-license.js.git" + }, + "scripts": { + "test": "defence README.md | replace-require-self | node" + }, + "version": "3.0.1", + "readme": "validate-npm-package-license\n============================\n\nGive me a string and I'll tell you if it's a valid npm package license string.\n\n```javascript\nvar valid = require('validate-npm-package-license');\n```\n\nSPDX license identifiers are valid license strings:\n\n```javascript\n\nvar assert = require('assert');\nvar validSPDXExpression = {\n validForNewPackages: true,\n validForOldPackages: true,\n spdx: true\n};\n\nassert.deepEqual(valid('MIT'), validSPDXExpression);\nassert.deepEqual(valid('BSD-2-Clause'), validSPDXExpression);\nassert.deepEqual(valid('Apache-2.0'), validSPDXExpression);\nassert.deepEqual(valid('ISC'), validSPDXExpression);\n```\nThe function will return a warning and suggestion for nearly-correct license identifiers:\n\n```javascript\nassert.deepEqual(\n valid('Apache 2.0'),\n {\n validForOldPackages: false,\n validForNewPackages: false,\n warnings: [\n 'license should be ' +\n 'a valid SPDX license expression (without \"LicenseRef\"), ' +\n '\"UNLICENSED\", or ' +\n '\"SEE LICENSE IN \"',\n 'license is similar to the valid expression \"Apache-2.0\"'\n ]\n }\n);\n```\n\nSPDX expressions are valid, too ...\n\n```javascript\n// Simple SPDX license expression for dual licensing\nassert.deepEqual(\n valid('(GPL-3.0 OR BSD-2-Clause)'),\n validSPDXExpression\n);\n```\n\n... except if they contain `LicenseRef`:\n\n```javascript\nvar warningAboutLicenseRef = {\n validForOldPackages: false,\n validForNewPackages: false,\n spdx: true,\n warnings: [\n 'license should be ' +\n 'a valid SPDX license expression (without \"LicenseRef\"), ' +\n '\"UNLICENSED\", or ' +\n '\"SEE LICENSE IN \"',\n ]\n};\n\nassert.deepEqual(\n valid('LicenseRef-Made-Up'),\n warningAboutLicenseRef\n);\n\nassert.deepEqual(\n valid('(MIT OR LicenseRef-Made-Up)'),\n warningAboutLicenseRef\n);\n```\n\nIf you can't describe your licensing terms with standardized SPDX identifiers, put the terms in a file in the package and point users there:\n\n```javascript\nassert.deepEqual(\n valid('SEE LICENSE IN LICENSE.txt'),\n {\n validForNewPackages: true,\n validForOldPackages: true,\n inFile: 'LICENSE.txt'\n }\n);\n\nassert.deepEqual(\n valid('SEE LICENSE IN license.md'),\n {\n validForNewPackages: true,\n validForOldPackages: true,\n inFile: 'license.md'\n }\n);\n```\n\nIf there aren't any licensing terms, use `UNLICENSED`:\n\n```javascript\nvar unlicensed = {\n validForNewPackages: true,\n validForOldPackages: true,\n unlicensed: true\n};\nassert.deepEqual(valid('UNLICENSED'), unlicensed);\nassert.deepEqual(valid('UNLICENCED'), unlicensed);\n```\n", + "readmeFilename": "README.md", + "_dependencies": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\validate-npm-package-license", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Normalizes data that can be found in package.json files.", + "devDependencies": { + "async": "^1.5.0", + "tap": "^2.2.0", + "underscore": "^1.8.3" + }, + "directories": {}, + "dist": { + "shasum": "8d924f142960e1777e7ffe170543631cc7cb02df", + "tarball": "http://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.3.5.tgz" + }, + "gitHead": "3dc7756af20b3b1b24c6d75302448ca3659e0a65", + "homepage": "https://github.com/npm/normalize-package-data#readme", + "license": "BSD-2-Clause", + "main": "lib/normalize.js", + "maintainers": [ + { + "name": "iarna", + "email": "me@re-becca.org" + }, + { + "name": "isaacs", + "email": "isaacs@npmjs.com" + }, + { + "name": "meryn", + "email": "merynstol@gmail.com" + }, + { + "name": "othiym23", + "email": "ogd@aoaioxxysz.net" + }, + { + "name": "zkat", + "email": "kat@sykosomatic.org" + } + ], + "name": "normalize-package-data", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git://github.com/npm/normalize-package-data.git" + }, + "scripts": { + "test": "tap test/*.js" + }, + "version": "2.3.5", + "readme": "# normalize-package-data [![Build Status](https://travis-ci.org/npm/normalize-package-data.png?branch=master)](https://travis-ci.org/npm/normalize-package-data)\n\nnormalize-package data exports a function that normalizes package metadata. This data is typically found in a package.json file, but in principle could come from any source - for example the npm registry.\n\nnormalize-package-data is used by [read-package-json](https://npmjs.org/package/read-package-json) to normalize the data it reads from a package.json file. In turn, read-package-json is used by [npm](https://npmjs.org/package/npm) and various npm-related tools.\n\n## Installation\n\n```\nnpm install normalize-package-data\n```\n\n## Usage\n\nBasic usage is really simple. You call the function that normalize-package-data exports. Let's call it `normalizeData`.\n\n```javascript\nnormalizeData = require('normalize-package-data')\npackageData = fs.readFileSync(\"package.json\")\nnormalizeData(packageData)\n// packageData is now normalized\n```\n\n#### Strict mode\n\nYou may activate strict validation by passing true as the second argument.\n\n```javascript\nnormalizeData = require('normalize-package-data')\npackageData = fs.readFileSync(\"package.json\")\nwarnFn = function(msg) { console.error(msg) }\nnormalizeData(packageData, true)\n// packageData is now normalized\n```\n\nIf strict mode is activated, only Semver 2.0 version strings are accepted. Otherwise, Semver 1.0 strings are accepted as well. Packages must have a name, and the name field must not have contain leading or trailing whitespace.\n\n#### Warnings\n\nOptionally, you may pass a \"warning\" function. It gets called whenever the `normalizeData` function encounters something that doesn't look right. It indicates less than perfect input data.\n\n```javascript\nnormalizeData = require('normalize-package-data')\npackageData = fs.readFileSync(\"package.json\")\nwarnFn = function(msg) { console.error(msg) }\nnormalizeData(packageData, warnFn)\n// packageData is now normalized. Any number of warnings may have been logged.\n```\n\nYou may combine strict validation with warnings by passing `true` as the second argument, and `warnFn` as third.\n\nWhen `private` field is set to `true`, warnings will be suppressed.\n\n### Potential exceptions\n\nIf the supplied data has an invalid name or version vield, `normalizeData` will throw an error. Depending on where you call `normalizeData`, you may want to catch these errors so can pass them to a callback.\n\n## What normalization (currently) entails\n\n* The value of `name` field gets trimmed (unless in strict mode).\n* The value of the `version` field gets cleaned by `semver.clean`. See [documentation for the semver module](https://github.com/isaacs/node-semver).\n* If `name` and/or `version` fields are missing, they are set to empty strings.\n* If `files` field is not an array, it will be removed.\n* If `bin` field is a string, then `bin` field will become an object with `name` set to the value of the `name` field, and `bin` set to the original string value.\n* If `man` field is a string, it will become an array with the original string as its sole member.\n* If `keywords` field is string, it is considered to be a list of keywords separated by one or more white-space characters. It gets converted to an array by splitting on `\\s+`.\n* All people fields (`author`, `maintainers`, `contributors`) get converted into objects with name, email and url properties.\n* If `bundledDependencies` field (a typo) exists and `bundleDependencies` field does not, `bundledDependencies` will get renamed to `bundleDependencies`.\n* If the value of any of the dependencies fields (`dependencies`, `devDependencies`, `optionalDependencies`) is a string, it gets converted into an object with familiar `name=>value` pairs.\n* The values in `optionalDependencies` get added to `dependencies`. The `optionalDependencies` array is left untouched.\n* As of v2: Dependencies that point at known hosted git providers (currently: github, bitbucket, gitlab) will have their URLs canonicalized, but protocols will be preserved.\n* As of v2: Dependencies that use shortcuts for hosted git providers (`org/proj`, `github:org/proj`, `bitbucket:org/proj`, `gitlab:org/proj`, `gist:docid`) will have the shortcut left in place. (In the case of github, the `org/proj` form will be expanded to `github:org/proj`.) THIS MARKS A BREAKING CHANGE FROM V1, where the shorcut was previously expanded to a URL.\n* If `description` field does not exist, but `readme` field does, then (more or less) the first paragraph of text that's found in the readme is taken as value for `description`.\n* If `repository` field is a string, it will become an object with `url` set to the original string value, and `type` set to `\"git\"`.\n* If `repository.url` is not a valid url, but in the style of \"[owner-name]/[repo-name]\", `repository.url` will be set to git+https://github.com/[owner-name]/[repo-name].git\n* If `bugs` field is a string, the value of `bugs` field is changed into an object with `url` set to the original string value.\n* If `bugs` field does not exist, but `repository` field points to a repository hosted on GitHub, the value of the `bugs` field gets set to an url in the form of https://github.com/[owner-name]/[repo-name]/issues . If the repository field points to a GitHub Gist repo url, the associated http url is chosen.\n* If `bugs` field is an object, the resulting value only has email and url properties. If email and url properties are not strings, they are ignored. If no valid values for either email or url is found, bugs field will be removed.\n* If `homepage` field is not a string, it will be removed.\n* If the url in the `homepage` field does not specify a protocol, then http is assumed. For example, `myproject.org` will be changed to `http://myproject.org`.\n* If `homepage` field does not exist, but `repository` field points to a repository hosted on GitHub, the value of the `homepage` field gets set to an url in the form of https://github.com/[owner-name]/[repo-name]/ . If the repository field points to a GitHub Gist repo url, the associated http url is chosen.\n\n### Rules for name field\n\nIf `name` field is given, the value of the name field must be a string. The string may not:\n\n* start with a period.\n* contain the following characters: `/@\\s+%`\n* contain and characters that would need to be encoded for use in urls.\n* resemble the word `node_modules` or `favicon.ico` (case doesn't matter).\n\n### Rules for version field\n\nIf `version` field is given, the value of the version field must be a valid *semver* string, as determined by the `semver.valid` method. See [documentation for the semver module](https://github.com/isaacs/node-semver).\n\n### Rules for license field\n\nThe `license` field should be a valid *SPDX license expression* or one of the special values allowed by [validate-npm-package-license](https://npmjs.com/packages/validate-npm-package-license). See [documentation for the license field in package.json](https://docs.npmjs.com/files/package.json#license).\n\n## Credits\n\nThis package contains code based on read-package-json written by Isaac Z. Schlueter. Used with permisson.\n\n## License\n\nnormalize-package-data is released under the [BSD 2-Clause License](http://opensource.org/licenses/MIT). \nCopyright (c) 2013 Meryn Stol \n", + "readmeFilename": "README.md", + "_dependencies": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\normalize-package-data", + "error": "[Circular]", + "extraneous": false + }, + "path-type": { + "_args": [ + [ + "path-type@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/read-pkg" + ], + [ + "path-type@1.1.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "path-type@>=1.0.0 <2.0.0", + "_id": "path-type@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/path-type", + "_nodeVersion": "4.2.1", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.14.7", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "path-type@1.1.0", + "name": "path-type", + "escapedName": "path-type", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/read-pkg" + ], + "_resolved": "https://registry.npmjs.org/path-type/-/path-type-1.1.0.tgz", + "_shasum": "59c44f7ee491da704da415da5a4070ba4f8fe441", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/path-type/issues" + }, + "dependencies": { + "graceful-fs": { + "_args": "[Circular]", + "_from": "graceful-fs@>=4.1.2 <5.0.0", + "_id": "graceful-fs@4.1.3", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/graceful-fs", + "_nodeVersion": "4.0.0", + "_npmOperationalInternal": "[Circular]", + "_npmUser": "[Circular]", + "_npmVersion": "3.7.0", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "graceful-fs@4.1.3", + "name": "graceful-fs", + "escapedName": "graceful-fs", + "rawSpec": "4.1.3", + "saveSpec": "[Circular]", + "fetchSpec": "4.1.3" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.3.tgz", + "_shasum": "92033ce11113c41e2628d61fdfa40bc10dc0155c", + "_shrinkwrap": "[Circular]", + "_spec": "4.1.3", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "bugs": "[Circular]", + "dependencies": {}, + "description": "A drop-in replacement for fs, making various improvements.", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "694c56f3aed4aee62d6df169be123d3984f61b85", + "homepage": "https://github.com/isaacs/node-graceful-fs#readme", + "keywords": "[Circular]", + "license": "ISC", + "main": "graceful-fs.js", + "maintainers": "[Circular]", + "name": "graceful-fs", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "4.1.3", + "readme": "# graceful-fs\n\ngraceful-fs functions as a drop-in replacement for the fs module,\nmaking various improvements.\n\nThe improvements are meant to normalize behavior across different\nplatforms and environments, and to make filesystem access more\nresilient to errors.\n\n## Improvements over [fs module](http://api.nodejs.org/fs.html)\n\ngraceful-fs:\n\n* Queues up `open` and `readdir` calls, and retries them once\n something closes if there is an EMFILE error from too many file\n descriptors.\n* fixes `lchmod` for Node versions prior to 0.6.2.\n* implements `fs.lutimes` if possible. Otherwise it becomes a noop.\n* ignores `EINVAL` and `EPERM` errors in `chown`, `fchown` or\n `lchown` if the user isn't root.\n* makes `lchmod` and `lchown` become noops, if not available.\n* retries reading a file if `read` results in EAGAIN error.\n\nOn Windows, it retries renaming a file for up to one second if `EACCESS`\nor `EPERM` error occurs, likely because antivirus software has locked\nthe directory.\n\n## USAGE\n\n```javascript\n// use just like fs\nvar fs = require('graceful-fs')\n\n// now go and do stuff with it...\nfs.readFileSync('some-file-or-whatever')\n```\n\n## Global Patching\n\nIf you want to patch the global fs module (or any other fs-like\nmodule) you can do this:\n\n```javascript\n// Make sure to read the caveat below.\nvar realFs = require('fs')\nvar gracefulFs = require('graceful-fs')\ngracefulFs.gracefulify(realFs)\n```\n\nThis should only ever be done at the top-level application layer, in\norder to delay on EMFILE errors from any fs-using dependencies. You\nshould **not** do this in a library, because it can cause unexpected\ndelays in other parts of the program.\n", + "readmeFilename": "README.md", + "_dependencies": "[Circular]", + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\graceful-fs", + "error": "[Circular]", + "extraneous": false, + "_deduped": "node_modules\\bundle-dependencies\\node_modules\\graceful-fs" + }, + "pify": { + "_args": "[Circular]", + "_from": "pify@>=2.0.0 <3.0.0", + "_id": "pify@2.3.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pify", + "_nodeVersion": "4.2.1", + "_npmUser": "[Circular]", + "_npmVersion": "2.14.7", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "pify@2.3.0", + "name": "pify", + "escapedName": "pify", + "rawSpec": "2.3.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.3.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "_shasum": "ed141a6ac043a849ea588498e7dca8b15330e90c", + "_shrinkwrap": "[Circular]", + "_spec": "2.3.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Promisify a callback-style function", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "2dd0d8b880e4ebcc5cc33ae126b02647418e4440", + "homepage": "https://github.com/sindresorhus/pify", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "pify", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "2.3.0", + "readme": "# pify [![Build Status](https://travis-ci.org/sindresorhus/pify.svg?branch=master)](https://travis-ci.org/sindresorhus/pify)\n\n> Promisify a callback-style function\n\n\n## Install\n\n```\n$ npm install --save pify\n```\n\n\n## Usage\n\n```js\nconst fs = require('fs');\nconst pify = require('pify');\n\n// promisify a single function\n\npify(fs.readFile)('package.json', 'utf8').then(data => {\n\tconsole.log(JSON.parse(data).name);\n\t//=> 'pify'\n});\n\n// or promisify all methods in a module\n\npify(fs).readFile('package.json', 'utf8').then(data => {\n\tconsole.log(JSON.parse(data).name);\n\t//=> 'pify'\n});\n```\n\n\n## API\n\n### pify(input, [promiseModule], [options])\n\nReturns a promise wrapped version of the supplied function or module.\n\n#### input\n\nType: `function`, `object`\n\nCallback-style function or module whose methods you want to promisify.\n\n#### promiseModule\n\nType: `function`\n\nCustom promise module to use instead of the native one.\n\nCheck out [`pinkie-promise`](https://github.com/floatdrop/pinkie-promise) if you need a tiny promise polyfill.\n\n#### options\n\n##### multiArgs\n\nType: `boolean` \nDefault: `false`\n\nBy default, the promisified function will only return the second argument from the callback, which works fine for most APIs. This option can be useful for modules like `request` that return multiple arguments. Turning this on will make it return an array of all arguments from the callback, excluding the error argument, instead of just the second argument.\n\n```js\nconst request = require('request');\nconst pify = require('pify');\n\npify(request, {multiArgs: true})('https://sindresorhus.com').then(result => {\n\tconst [httpResponse, body] = result;\n});\n```\n\n##### include\n\nType: `array` of (`string`|`regex`)\n\nMethods in a module to promisify. Remaining methods will be left untouched.\n\n##### exclude\n\nType: `array` of (`string`|`regex`) \nDefault: `[/.+Sync$/]`\n\nMethods in a module **not** to promisify. Methods with names ending with `'Sync'` are excluded by default.\n\n##### excludeMain\n\nType: `boolean` \nDefault: `false`\n\nBy default, if given module is a function itself, this function will be promisified. Turn this option on if you want to promisify only methods of the module.\n\n```js\nconst pify = require('pify');\n\nfunction fn() {\n\treturn true;\n}\n\nfn.method = (data, callback) => {\n\tsetImmediate(() => {\n\t\tcallback(data, null);\n\t});\n};\n\n// promisify methods but not fn()\nconst promiseFn = pify(fn, {excludeMain: true});\n\nif (promiseFn()) {\n\tpromiseFn.method('hi').then(data => {\n\t\tconsole.log(data);\n\t});\n}\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pify", + "error": "[Circular]", + "extraneous": false, + "_deduped": "node_modules\\bundle-dependencies\\node_modules\\pify" + }, + "pinkie-promise": { + "_args": "[Circular]", + "_from": "pinkie-promise@>=2.0.0 <3.0.0", + "_id": "pinkie-promise@2.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/pinkie-promise", + "_nodeVersion": "4.2.0", + "_npmUser": "[Circular]", + "_npmVersion": "2.14.7", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "pinkie-promise@2.0.0", + "name": "pinkie-promise", + "escapedName": "pinkie-promise", + "rawSpec": "2.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.0.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "_shasum": "4c83538de1f6e660c29e0a13446844f7a7e88259", + "_shrinkwrap": "[Circular]", + "_spec": "2.0.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "ES2015 Promise ponyfill", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "f90fcae9838bcae7ae1ae4ebc9b29f11e5db4980", + "homepage": "https://github.com/floatdrop/pinkie-promise", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "pinkie-promise", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "2.0.0", + "readme": "# pinkie-promise [![Build Status](https://travis-ci.org/floatdrop/pinkie-promise.svg?branch=master)](https://travis-ci.org/floatdrop/pinkie-promise)\n\n> [ES2015 Promise](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-promise-objects) ponyfill\n\nModule exports global Promise object (if available) or [`pinkie`](http://github.com/floatdrop/pinkie) Promise polyfill.\n\n## Install\n\n```\n$ npm install --save pinkie-promise\n```\n\n## Usage\n\n```js\nvar Promise = require('pinkie-promise');\n\nnew Promise(function (resolve) { resolve('unicorns'); });\n//=> Promise { 'unicorns' }\n```\n\n## Related\n\n- [pify](https://github.com/sindresorhus/pify) - Promisify a callback-style function\n\n## License\n\nMIT © [Vsevolod Strukchinsky](http://github.com/floatdrop)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "error": "[Circular]", + "extraneous": false, + "_deduped": "node_modules\\bundle-dependencies\\node_modules\\pinkie-promise" + } + }, + "description": "Check if a path is a file, directory, or symlink", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "59c44f7ee491da704da415da5a4070ba4f8fe441", + "tarball": "http://registry.npmjs.org/path-type/-/path-type-1.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "dff5c2a62f89efe7e0cce600bf38e76196d8b4b2", + "homepage": "https://github.com/sindresorhus/path-type", + "keywords": [ + "path", + "fs", + "type", + "is", + "check", + "directory", + "dir", + "file", + "filepath", + "symlink", + "symbolic", + "link", + "stat", + "stats", + "filesystem" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "path-type", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/path-type.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.0", + "xo": { + "ignores": [ + "test.js" + ] + }, + "readme": "# path-type [![Build Status](https://travis-ci.org/sindresorhus/path-type.svg?branch=master)](https://travis-ci.org/sindresorhus/path-type)\n\n> Check if a path is a file, directory, or symlink\n\n\n## Install\n\n```\n$ npm install --save path-type\n```\n\n\n## Usage\n\n```js\nvar pathType = require('path-type');\n\npathType.file('package.json').then(function (isFile) {\n\tconsole.log(isFile);\n\t//=> true\n})\n```\n\n\n## API\n\n### .file(path)\n### .dir(path)\n### .symlink(path)\n\nReturns a promise that resolves to a boolean of whether the path is the checked type.\n\n### .fileSync(path)\n### .dirSync(path)\n### .symlinkSync(path)\n\nReturns a boolean of whether the path is the checked type.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\path-type", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Read a package.json file", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28", + "tarball": "http://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "9448d32b2ebcd65fc0547def3cfe5b28ef522e68", + "homepage": "https://github.com/sindresorhus/read-pkg", + "keywords": [ + "json", + "read", + "parse", + "file", + "fs", + "graceful", + "load", + "pkg", + "package", + "normalize" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "read-pkg", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/read-pkg.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.0", + "readme": "# read-pkg [![Build Status](https://travis-ci.org/sindresorhus/read-pkg.svg?branch=master)](https://travis-ci.org/sindresorhus/read-pkg)\n\n> Read a package.json file\n\n\n## Why\n\n- [Gracefully handles filesystem issues](https://github.com/isaacs/node-graceful-fs)\n- [Strips UTF-8 BOM](https://github.com/sindresorhus/strip-bom)\n- [Throws more helpful JSON errors](https://github.com/sindresorhus/parse-json)\n- [Normalizes the data](https://github.com/npm/normalize-package-data#what-normalization-currently-entails)\n\n\n## Install\n\n```\n$ npm install --save read-pkg\n```\n\n\n## Usage\n\n```js\nvar readPkg = require('read-pkg');\n\nreadPkg().then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n\nreadPkg(__dirname).then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n\nreadPkg(path.join('unicorn', 'package.json')).then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n```\n\n\n## API\n\n### readPkg([path], [options])\n\nReturns a promise that resolves to the parsed JSON.\n\n### readPkg.sync([path], [options])\n\nReturns the parsed JSON.\n\n#### path\n\nType: `string` \nDefault: `.`\n\nPath to a `package.json` file or its directory.\n\n#### options\n\n##### normalize\n\nType: `boolean` \nDefault: `true`\n\n[Normalize](https://github.com/npm/normalize-package-data#what-normalization-currently-entails) the package data.\n\n\n## Related\n\n- [read-pkg-up](https://github.com/sindresorhus/read-pkg-up) - Read the closest package.json file\n- [write-pkg](https://github.com/sindresorhus/write-pkg) - Write a `package.json` file\n- [load-json-file](https://github.com/sindresorhus/load-json-file) - Read and parse a JSON file\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\read-pkg", + "error": "[Circular]", + "extraneous": false + }, + "symbol": { + "_args": [ + [ + "symbol@^0.2.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/pkg-conf" + ], + [ + "symbol@0.2.1", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "symbol@>=0.2.1 <0.3.0", + "_id": "symbol@0.2.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/symbol", + "_npmUser": { + "email": "sean.monstar@gmail.com", + "name": "seanmonstar" + }, + "_npmVersion": "1.3.11", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "symbol@0.2.1", + "name": "symbol", + "escapedName": "symbol", + "rawSpec": "0.2.1", + "saveSpec": "[Circular]", + "fetchSpec": "0.2.1" + }, + "_requiredBy": [ + "/bundle-dependencies/pkg-conf" + ], + "_resolved": "https://registry.npmjs.org/symbol/-/symbol-0.2.1.tgz", + "_shasum": "c2124fb7b2e3eea30e4fa824341aa789b3534c95", + "_shrinkwrap": "[Circular]", + "_spec": "0.2.1", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sean McArthur", + "email": "sean.monstar@gmail.com", + "url": "http://seanmonstar.com" + }, + "bugs": { + "url": "https://github.com/seanmonstar/symbol/issues" + }, + "dependencies": {}, + "description": "ES6 Symbols in your ES5.", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "c2124fb7b2e3eea30e4fa824341aa789b3534c95", + "tarball": "http://registry.npmjs.org/symbol/-/symbol-0.2.1.tgz" + }, + "homepage": "https://github.com/seanmonstar/symbol#readme", + "keywords": [ + "symbols", + "es6", + "harmony" + ], + "license": "MPLv2.0", + "main": "index.js", + "maintainers": [ + { + "name": "seanmonstar", + "email": "sean.monstar@gmail.com" + } + ], + "name": "symbol", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git://github.com/seanmonstar/symbol.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "0.2.1", + "readme": "# Symbols\n\n[![NPM version](https://badge.fury.io/js/symbol.png)](http://badge.fury.io/js/symbol)\n\n[ES6 Symbols](https://people.mozilla.org/~jorendorff/es6-draft.html#sec-symbol-objects), in your ES5.\n\nIf `Symbol` is already defined, it will be used. Otherwise, this implements as much of the `Symbol` spec as is possible with plain JavaScript.\n\n## Usage\n\n```js\nvar Symbol = require('symbol');\nvar key = Symbol();\n\nvar obj = {};\nobj[key] = 'foo';\nconsole.log(obj[key]); // 'foo'\nconsole.log(Object.keys(obj)); // []\n```\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\symbol", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Get namespaced config from the closest package.json", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "a3caee3fb9c23ab4abad3baaea02f0001c75f200", + "tarball": "http://registry.npmjs.org/pkg-conf/-/pkg-conf-1.1.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "fixture": { + "foo": true + }, + "gitHead": "9bb0bb78f4e6d8b6e14e8ef28b1cfba7305341f6", + "homepage": "https://github.com/sindresorhus/pkg-conf#readme", + "keywords": [ + "json", + "read", + "parse", + "file", + "fs", + "graceful", + "load", + "pkg", + "package", + "config", + "conf", + "configuration", + "object", + "namespace", + "namespaced" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "pkg-conf", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/pkg-conf.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.1.1", + "readme": "# pkg-conf [![Build Status](https://travis-ci.org/sindresorhus/pkg-conf.svg?branch=master)](https://travis-ci.org/sindresorhus/pkg-conf)\n\n> Get namespaced config from the closest package.json\n\nFor example, [XO](https://github.com/sindresorhus/xo) uses the `xo` namespace in package.json and [ESLint](http://eslint.org) uses `eslintConfig`.\n\n\n## Install\n\n```\n$ npm install --save pkg-conf\n```\n\n\n## Usage\n\n```json\n{\n\t\"name\": \"some-package\",\n\t\"version\": \"1.0.0\",\n\t\"unicorn\": {\n\t\t\"rainbow\": true\n\t}\n}\n```\n\n```js\nconst pkgConf = require('pkg-conf');\n\npkgConf('unicorn').then(config => {\n\tconsole.log(config.rainbow);\n\t//=> true\n});\n```\n\n\n## API\n\nIt [walks up](https://github.com/sindresorhus/find-up) parent directories until a `package.json` can be found, reads it, and returns the user specified namespace or an empty object if not found.\n\n### pkgConf(namespace, [options])\n\nReturns a promise that resolves to the config.\n\n### pkgConf.sync(namespace, [options])\n\nReturns the config.\n\n#### namespace\n\nType: `string`\n\nThe package.json namespace you want.\n\n#### options\n\n##### cwd\n\nType: `string`
\nDefault: `process.cwd()`\n\nDirectory to start looking up for a package.json file.\n\n##### defaults\n\nType: `object`
\n\nDefault config.\n\n### pkgConf.filepath(config)\n\nPass in the `config` returned from any of the above methods.\n\nReturns the filepath to the package.json file or `null`.\n\n\n## Related\n\n- [read-pkg-up](https://github.com/sindresorhus/read-pkg-up) - Read the closest package.json file\n- [read-pkg](https://github.com/sindresorhus/read-pkg) - Read a package.json file\n- [find-up](https://github.com/sindresorhus/find-up) - Find a file by walking up parent directories\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pkg-conf", + "error": "[Circular]", + "extraneous": false + }, + "read-pkg-up": { + "_args": [ + [ + "read-pkg-up@^1.0.1", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "read-pkg-up@1.0.1", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "read-pkg-up@>=1.0.1 <2.0.0", + "_id": "read-pkg-up@1.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/read-pkg-up", + "_nodeVersion": "0.12.7", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.3", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "read-pkg-up@1.0.1", + "name": "read-pkg-up", + "escapedName": "read-pkg-up", + "rawSpec": "1.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-1.0.1.tgz", + "_shasum": "9d63c13276c065918d57f002a57f40a1b643fb02", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.1", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/read-pkg-up/issues" + }, + "dependencies": { + "find-up": { + "_args": "[Circular]", + "_from": "find-up@>=1.0.0 <2.0.0", + "_id": "find-up@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/find-up", + "_nodeVersion": "4.2.1", + "_npmUser": "[Circular]", + "_npmVersion": "2.14.7", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "find-up@1.1.0", + "name": "find-up", + "escapedName": "find-up", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/find-up/-/find-up-1.1.0.tgz", + "_shasum": "a63b0eec4625a2902534898a5f9eec8aaed046e9", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Find a file by walking up parent directories", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "06e9dae73659ddf2421440ca4695161c38d7d2fb", + "homepage": "https://github.com/sindresorhus/find-up", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "find-up", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.1.0", + "readme": "# find-up [![Build Status](https://travis-ci.org/sindresorhus/find-up.svg?branch=master)](https://travis-ci.org/sindresorhus/find-up)\n\n> Find a file by walking up parent directories\n\n\n## Install\n\n```\n$ npm install --save find-up\n```\n\n\n## Usage\n\n```\n/\n└── Users\n └── sindresorhus\n ├── unicorn.png\n └── foo\n └── bar\n ├── baz\n └── example.js\n```\n\n```js\n// example.js\nvar findUp = require('find-up');\n\nfindUp('unicorn.png').then(function (filepath) {\n\tconsole.log(filepath);\n\t//=> '/Users/sindresorhus/unicorn.png'\n});\n```\n\n\n## API\n\n### findUp(filename, [options])\n\nReturns a promise that resolves to a filepath or `null`.\n\n### findUp.sync(filename, [options])\n\nReturns a filepath or `null`.\n\n#### filename\n\nType: `string`\n\nFilename of the file to find.\n\n#### options\n\n##### cwd\n\nType: `string` \nDefault: `process.cwd()`\n\nDirectory to start from.\n\n\n## Related\n\n- [find-up-cli](https://github.com/sindresorhus/find-up-cli) - CLI for this module\n- [pkg-up](https://github.com/sindresorhus/pkg-up) - Find the closest package.json file\n- [pkg-dir](https://github.com/sindresorhus/pkg-dir) - Find the root directory of a npm package\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\find-up", + "error": "[Circular]", + "extraneous": false, + "_deduped": "node_modules\\bundle-dependencies\\node_modules\\find-up" + }, + "read-pkg": { + "_args": "[Circular]", + "_from": "read-pkg@>=1.0.0 <2.0.0", + "_id": "read-pkg@1.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/read-pkg", + "_nodeVersion": "3.0.0", + "_npmUser": "[Circular]", + "_npmVersion": "2.13.3", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "read-pkg@1.1.0", + "name": "read-pkg", + "escapedName": "read-pkg", + "rawSpec": "1.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz", + "_shasum": "f5ffaa5ecd29cb31c0474bca7d756b6bb29e3f28", + "_shrinkwrap": "[Circular]", + "_spec": "1.1.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Read a package.json file", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "9448d32b2ebcd65fc0547def3cfe5b28ef522e68", + "homepage": "https://github.com/sindresorhus/read-pkg", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "read-pkg", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.1.0", + "readme": "# read-pkg [![Build Status](https://travis-ci.org/sindresorhus/read-pkg.svg?branch=master)](https://travis-ci.org/sindresorhus/read-pkg)\n\n> Read a package.json file\n\n\n## Why\n\n- [Gracefully handles filesystem issues](https://github.com/isaacs/node-graceful-fs)\n- [Strips UTF-8 BOM](https://github.com/sindresorhus/strip-bom)\n- [Throws more helpful JSON errors](https://github.com/sindresorhus/parse-json)\n- [Normalizes the data](https://github.com/npm/normalize-package-data#what-normalization-currently-entails)\n\n\n## Install\n\n```\n$ npm install --save read-pkg\n```\n\n\n## Usage\n\n```js\nvar readPkg = require('read-pkg');\n\nreadPkg().then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n\nreadPkg(__dirname).then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n\nreadPkg(path.join('unicorn', 'package.json')).then(function (pkg) {\n\tconsole.log(pkg);\n\t//=> {name: 'read-pkg', ...}\n});\n```\n\n\n## API\n\n### readPkg([path], [options])\n\nReturns a promise that resolves to the parsed JSON.\n\n### readPkg.sync([path], [options])\n\nReturns the parsed JSON.\n\n#### path\n\nType: `string` \nDefault: `.`\n\nPath to a `package.json` file or its directory.\n\n#### options\n\n##### normalize\n\nType: `boolean` \nDefault: `true`\n\n[Normalize](https://github.com/npm/normalize-package-data#what-normalization-currently-entails) the package data.\n\n\n## Related\n\n- [read-pkg-up](https://github.com/sindresorhus/read-pkg-up) - Read the closest package.json file\n- [write-pkg](https://github.com/sindresorhus/write-pkg) - Write a `package.json` file\n- [load-json-file](https://github.com/sindresorhus/load-json-file) - Read and parse a JSON file\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\read-pkg", + "error": "[Circular]", + "extraneous": false, + "_deduped": "node_modules\\bundle-dependencies\\node_modules\\read-pkg" + } + }, + "description": "Read the closest package.json file", + "devDependencies": { + "ava": "*", + "xo": "*" + }, + "directories": {}, + "dist": { + "shasum": "9d63c13276c065918d57f002a57f40a1b643fb02", + "tarball": "http://registry.npmjs.org/read-pkg-up/-/read-pkg-up-1.0.1.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "27ec7c844b495a39eea7859c5f4d4721ebf60e8e", + "homepage": "https://github.com/sindresorhus/read-pkg-up", + "keywords": [ + "json", + "read", + "parse", + "file", + "fs", + "graceful", + "load", + "pkg", + "package", + "find", + "up", + "find-up", + "findup", + "look-up", + "look", + "file", + "search", + "match", + "package", + "resolve", + "parent", + "parents", + "folder", + "directory", + "dir", + "walk", + "walking", + "path" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "read-pkg-up", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/read-pkg-up.git" + }, + "scripts": { + "test": "xo && ava" + }, + "version": "1.0.1", + "readme": "# read-pkg-up [![Build Status](https://travis-ci.org/sindresorhus/read-pkg-up.svg?branch=master)](https://travis-ci.org/sindresorhus/read-pkg-up)\n\n> Read the closest package.json file\n\n\n## Why\n\n- [Finds the closest package.json](https://github.com/sindresorhus/find-up)\n- [Gracefully handles filesystem issues](https://github.com/isaacs/node-graceful-fs)\n- [Strips UTF-8 BOM](https://github.com/sindresorhus/strip-bom)\n- [Throws more helpful JSON errors](https://github.com/sindresorhus/parse-json)\n- [Normalizes the data](https://github.com/npm/normalize-package-data#what-normalization-currently-entails)\n\n\n## Install\n\n```\n$ npm install --save read-pkg-up\n```\n\n\n## Usage\n\n```js\nvar readPkgUp = require('read-pkg-up');\n\nreadPkgUp().then(function (result) {\n\tconsole.log(result);\n\t/*\n\t{\n\t\tpkg: {\n\t\t\tname: 'awesome-package',\n\t\t\tversion: '1.0.0',\n\t\t\t...\n\t\t},\n\t\tpath: '/Users/sindresorhus/dev/awesome-package'\n\t}\n\t*/\n});\n```\n\n\n## API\n\n### readPkgUp([options])\n\nReturns a promise that resolves to a result object.\n\n### readPkgUp.sync([options])\n\nReturns a result object.\n\n#### options\n\n##### cwd\n\nType: `string` \nDefault: `.`\n\nDirectory to start looking for a package.json file.\n\n##### normalize\n\nType: `boolean` \nDefault: `true`\n\n[Normalize](https://github.com/npm/normalize-package-data#what-normalization-currently-entails) the package data.\n\n\n## Related\n\n- [read-pkg](https://github.com/sindresorhus/read-pkg) - Read a package.json file\n- [find-up](https://github.com/sindresorhus/find-up) - Find a file by walking up parent directories\n- [pkg-conf](https://github.com/sindresorhus/pkg-conf) - Get namespaced config from the closest package.json\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\read-pkg-up", + "error": "[Circular]", + "extraneous": false + }, + "require-main-filename": { + "_args": [ + [ + "require-main-filename@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "require-main-filename@1.0.1", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "require-main-filename@>=1.0.0 <2.0.0", + "_id": "require-main-filename@1.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/require-main-filename", + "_nodeVersion": "3.2.0", + "_npmOperationalInternal": { + "host": "packages-6-west.internal.npmjs.com", + "tmp": "tmp/require-main-filename-1.0.1.tgz_1455688492890_0.0750324921682477" + }, + "_npmUser": { + "email": "ben@npmjs.com", + "name": "bcoe" + }, + "_npmVersion": "3.3.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "require-main-filename@1.0.1", + "name": "require-main-filename", + "escapedName": "require-main-filename", + "rawSpec": "1.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-1.0.1.tgz", + "_shasum": "97f717b69d48784f5f526a6c5aa8ffdda055a4d1", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.1", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Ben Coe", + "email": "ben@npmjs.com" + }, + "bugs": { + "url": "https://github.com/yargs/require-main-filename/issues" + }, + "dependencies": {}, + "description": "shim for require.main.filename() that works in as many environments as possible", + "devDependencies": { + "chai": "^3.5.0", + "standard": "^6.0.5", + "tap": "^5.2.0" + }, + "directories": {}, + "dist": { + "shasum": "97f717b69d48784f5f526a6c5aa8ffdda055a4d1", + "tarball": "http://registry.npmjs.org/require-main-filename/-/require-main-filename-1.0.1.tgz" + }, + "gitHead": "6dd2291332bed764c56302ccdd14da8a213249a1", + "homepage": "https://github.com/yargs/require-main-filename#readme", + "keywords": [ + "require", + "shim", + "iisnode" + ], + "license": "ISC", + "main": "index.js", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + } + ], + "name": "require-main-filename", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+ssh://git@github.com/yargs/require-main-filename.git" + }, + "scripts": { + "pretest": "standard", + "test": "tap --coverage test.js" + }, + "version": "1.0.1", + "readme": "# require-main-filename\n\n[![Build Status](https://travis-ci.org/yargs/require-main-filename.png)](https://travis-ci.org/yargs/require-main-filename)\n[![Coverage Status](https://coveralls.io/repos/yargs/require-main-filename/badge.svg?branch=master)](https://coveralls.io/r/yargs/require-main-filename?branch=master)\n[![NPM version](https://img.shields.io/npm/v/require-main-filename.svg)](https://www.npmjs.com/package/require-main-filename)\n\n`require.main.filename` is great for figuring out the entry\npoint for the current application. This can be combined with a module like\n[pkg-conf](https://www.npmjs.com/package/pkg-conf) to, _as if by magic_, load\ntop-level configuration.\n\nUnfortunately, `require.main.filename` sometimes fails when an application is\nexecuted with an alternative process manager, e.g., [iisnode](https://github.com/tjanczuk/iisnode).\n\n`require-main-filename` is a shim that addresses this problem.\n\n## Usage\n\n```js\nvar main = require('require-main-filename')()\n// use main as an alternative to require.main.filename.\n```\n\n## License\n\nISC\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\require-main-filename", + "error": "[Circular]", + "extraneous": false + }, + "string-width": { + "_args": "[Circular]", + "_from": "string-width@>=1.0.1 <2.0.0", + "_id": "string-width@1.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/string-width", + "_nodeVersion": "0.12.5", + "_npmUser": "[Circular]", + "_npmVersion": "2.11.2", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "string-width@1.0.1", + "name": "string-width", + "escapedName": "string-width", + "rawSpec": "1.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.1" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz", + "_shasum": "c92129b6f1d7f52acf9af424a26e3864a05ceb0a", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.1", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": { + "code-point-at": { + "_args": [ + [ + "code-point-at@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/string-width" + ], + [ + "code-point-at@1.0.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "code-point-at@>=1.0.0 <2.0.0", + "_id": "code-point-at@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/code-point-at", + "_nodeVersion": "0.12.5", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "code-point-at@1.0.0", + "name": "code-point-at", + "escapedName": "code-point-at", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/string-width" + ], + "_resolved": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.0.0.tgz", + "_shasum": "f69b192d3f7d91e382e4b71bddb77878619ab0c6", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/code-point-at/issues" + }, + "dependencies": { + "number-is-nan": { + "_args": [ + [ + "number-is-nan@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/code-point-at" + ], + [ + "number-is-nan@1.0.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "number-is-nan@>=1.0.0 <2.0.0", + "_id": "number-is-nan@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/number-is-nan", + "_nodeVersion": "0.12.3", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.10.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "number-is-nan@1.0.0", + "name": "number-is-nan", + "escapedName": "number-is-nan", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/code-point-at", + "/bundle-dependencies/is-fullwidth-code-point" + ], + "_resolved": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.0.tgz", + "_shasum": "c020f529c5282adfdd233d91d4b181c3d686dc4b", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/number-is-nan/issues" + }, + "dependencies": {}, + "description": "ES6 Number.isNaN() ponyfill", + "devDependencies": { + "ava": "0.0.4" + }, + "directories": {}, + "dist": { + "shasum": "c020f529c5282adfdd233d91d4b181c3d686dc4b", + "tarball": "http://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "0f394b1bc33185c40304363b209e3f0588dbeeb3", + "homepage": "https://github.com/sindresorhus/number-is-nan#readme", + "keywords": [ + "es6", + "es2015", + "ecmascript", + "harmony", + "ponyfill", + "polyfill", + "shim", + "number", + "is", + "nan", + "not" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "number-is-nan", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/number-is-nan.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.0", + "readme": "# number-is-nan [![Build Status](https://travis-ci.org/sindresorhus/number-is-nan.svg?branch=master)](https://travis-ci.org/sindresorhus/number-is-nan)\n\n> ES6 [`Number.isNaN()`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Number/isNaN) ponyfill\n\n> Ponyfill: A polyfill that doesn't overwrite the native method\n\n\n## Install\n\n```\n$ npm install --save number-is-nan\n```\n\n\n## Usage\n\n```js\nvar numberIsNan = require('number-is-nan');\n\nnumberIsNan(NaN);\n//=> true\n\nnumberIsNan('unicorn');\n//=> false\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\number-is-nan", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "ES2015 String#codePointAt() ponyfill", + "devDependencies": { + "ava": "0.0.4" + }, + "directories": {}, + "dist": { + "shasum": "f69b192d3f7d91e382e4b71bddb77878619ab0c6", + "tarball": "http://registry.npmjs.org/code-point-at/-/code-point-at-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "c2ffa4064718b37c84c73a633abeeed5b486a469", + "homepage": "https://github.com/sindresorhus/code-point-at", + "keywords": [ + "es2015", + "es6", + "ponyfill", + "polyfill", + "shim", + "string", + "str", + "code", + "point", + "at", + "codepoint", + "unicode" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "code-point-at", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/code-point-at.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.0", + "readme": "# code-point-at [![Build Status](https://travis-ci.org/sindresorhus/code-point-at.svg?branch=master)](https://travis-ci.org/sindresorhus/code-point-at)\n\n> ES2015 [`String#codePointAt()`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/codePointAt) ponyfill\n\n> Ponyfill: A polyfill that doesn't overwrite the native method\n\n\n## Install\n\n```\n$ npm install --save code-point-at\n```\n\n\n## Usage\n\n```js\nvar codePointAt = require('code-point-at');\n\ncodePointAt('🐴');\n//=> 128052\n\ncodePointAt('abc', 2);\n//=> 99\n```\n\n## API\n\n### codePointAt(input, [position])\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\code-point-at", + "error": "[Circular]", + "extraneous": false + }, + "is-fullwidth-code-point": { + "_args": [ + [ + "is-fullwidth-code-point@^1.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/string-width" + ], + [ + "is-fullwidth-code-point@1.0.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "is-fullwidth-code-point@>=1.0.0 <2.0.0", + "_id": "is-fullwidth-code-point@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/is-fullwidth-code-point", + "_nodeVersion": "0.12.5", + "_npmUser": { + "email": "sindresorhus@gmail.com", + "name": "sindresorhus" + }, + "_npmVersion": "2.11.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "is-fullwidth-code-point@1.0.0", + "name": "is-fullwidth-code-point", + "escapedName": "is-fullwidth-code-point", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": [ + "/bundle-dependencies/string-width" + ], + "_resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz", + "_shasum": "ef9e31386f031a7f0d643af82fde50c457ef00cb", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Sindre Sorhus", + "email": "sindresorhus@gmail.com", + "url": "sindresorhus.com" + }, + "bugs": { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues" + }, + "dependencies": { + "number-is-nan": { + "_args": "[Circular]", + "_from": "number-is-nan@>=1.0.0 <2.0.0", + "_id": "number-is-nan@1.0.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/number-is-nan", + "_nodeVersion": "0.12.3", + "_npmUser": "[Circular]", + "_npmVersion": "2.10.0", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "number-is-nan@1.0.0", + "name": "number-is-nan", + "escapedName": "number-is-nan", + "rawSpec": "1.0.0", + "saveSpec": "[Circular]", + "fetchSpec": "1.0.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.0.tgz", + "_shasum": "c020f529c5282adfdd233d91d4b181c3d686dc4b", + "_shrinkwrap": "[Circular]", + "_spec": "1.0.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "ES6 Number.isNaN() ponyfill", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "0f394b1bc33185c40304363b209e3f0588dbeeb3", + "homepage": "https://github.com/sindresorhus/number-is-nan#readme", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "number-is-nan", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.0.0", + "readme": "# number-is-nan [![Build Status](https://travis-ci.org/sindresorhus/number-is-nan.svg?branch=master)](https://travis-ci.org/sindresorhus/number-is-nan)\n\n> ES6 [`Number.isNaN()`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Number/isNaN) ponyfill\n\n> Ponyfill: A polyfill that doesn't overwrite the native method\n\n\n## Install\n\n```\n$ npm install --save number-is-nan\n```\n\n\n## Usage\n\n```js\nvar numberIsNan = require('number-is-nan');\n\nnumberIsNan(NaN);\n//=> true\n\nnumberIsNan('unicorn');\n//=> false\n```\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\number-is-nan", + "error": "[Circular]", + "extraneous": false, + "_deduped": "node_modules\\bundle-dependencies\\node_modules\\number-is-nan" + } + }, + "description": "Check if the character represented by a given Unicode code point is fullwidth", + "devDependencies": { + "ava": "0.0.4", + "code-point-at": "^1.0.0" + }, + "directories": {}, + "dist": { + "shasum": "ef9e31386f031a7f0d643af82fde50c457ef00cb", + "tarball": "http://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz" + }, + "engines": { + "node": ">=0.10.0" + }, + "files": [ + "index.js" + ], + "gitHead": "f2152d357f41f82785436d428e4f8ede143b7548", + "homepage": "https://github.com/sindresorhus/is-fullwidth-code-point", + "keywords": [ + "fullwidth", + "full-width", + "full", + "width", + "unicode", + "character", + "char", + "string", + "str", + "codepoint", + "code", + "point", + "is", + "detect", + "check" + ], + "license": "MIT", + "maintainers": [ + { + "name": "sindresorhus", + "email": "sindresorhus@gmail.com" + } + ], + "name": "is-fullwidth-code-point", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/sindresorhus/is-fullwidth-code-point.git" + }, + "scripts": { + "test": "node test.js" + }, + "version": "1.0.0", + "readme": "# is-fullwidth-code-point [![Build Status](https://travis-ci.org/sindresorhus/is-fullwidth-code-point.svg?branch=master)](https://travis-ci.org/sindresorhus/is-fullwidth-code-point)\n\n> Check if the character represented by a given [Unicode code point](https://en.wikipedia.org/wiki/Code_point) is [fullwidth](https://en.wikipedia.org/wiki/Halfwidth_and_fullwidth_forms)\n\n\n## Install\n\n```\n$ npm install --save is-fullwidth-code-point\n```\n\n\n## Usage\n\n```js\nvar isFullwidthCodePoint = require('is-fullwidth-code-point');\n\nisFullwidthCodePoint('谢'.codePointAt());\n//=> true\n\nisFullwidthCodePoint('a'.codePointAt());\n//=> false\n```\n\n\n## API\n\n### isFullwidthCodePoint(input)\n\n#### input\n\nType: `number`\n\n[Code point](https://en.wikipedia.org/wiki/Code_point) of a character.\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-fullwidth-code-point", + "error": "[Circular]", + "extraneous": false + }, + "strip-ansi": { + "_args": "[Circular]", + "_from": "strip-ansi@>=3.0.0 <4.0.0", + "_id": "strip-ansi@3.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/strip-ansi", + "_nodeVersion": "0.12.7", + "_npmOperationalInternal": "[Circular]", + "_npmUser": "[Circular]", + "_npmVersion": "2.11.3", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "strip-ansi@3.0.1", + "name": "strip-ansi", + "escapedName": "strip-ansi", + "rawSpec": "3.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "3.0.1" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "_shasum": "6a385fb8853d952d5ff05d0e8aaf94278dc63dcf", + "_shrinkwrap": "[Circular]", + "_spec": "3.0.1", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Strip ANSI escape codes", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "8270705c704956da865623e564eba4875c3ea17f", + "homepage": "https://github.com/chalk/strip-ansi", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "strip-ansi", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "3.0.1", + "readme": "# strip-ansi [![Build Status](https://travis-ci.org/chalk/strip-ansi.svg?branch=master)](https://travis-ci.org/chalk/strip-ansi)\n\n> Strip [ANSI escape codes](http://en.wikipedia.org/wiki/ANSI_escape_code)\n\n\n## Install\n\n```\n$ npm install --save strip-ansi\n```\n\n\n## Usage\n\n```js\nvar stripAnsi = require('strip-ansi');\n\nstripAnsi('\\u001b[4mcake\\u001b[0m');\n//=> 'cake'\n```\n\n\n## Related\n\n- [strip-ansi-cli](https://github.com/chalk/strip-ansi-cli) - CLI for this module\n- [has-ansi](https://github.com/chalk/has-ansi) - Check if a string has ANSI escape codes\n- [ansi-regex](https://github.com/chalk/ansi-regex) - Regular expression for matching ANSI escape codes\n- [chalk](https://github.com/chalk/chalk) - Terminal string styling done right\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\strip-ansi", + "error": "[Circular]", + "extraneous": false, + "_deduped": "node_modules\\bundle-dependencies\\node_modules\\strip-ansi" + } + }, + "description": "Get the visual width of a string - the number of columns required to display it", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "f279cfd14835f0a3c8df69ba18e9a3960156e135", + "homepage": "https://github.com/sindresorhus/string-width", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "string-width", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "1.0.1", + "readme": "# string-width [![Build Status](https://travis-ci.org/sindresorhus/string-width.svg?branch=master)](https://travis-ci.org/sindresorhus/string-width)\n\n> Get the visual width of a string - the number of columns required to display it\n\nSome Unicode characters are [fullwidth](https://en.wikipedia.org/wiki/Halfwidth_and_fullwidth_forms) and use double the normal width.\n\nUseful to be able to measure the actual width of command-line output.\n\n\n## Install\n\n```\n$ npm install --save string-width\n```\n\n\n## Usage\n\n```js\nvar stringWidth = require('string-width');\n\nstringWidth('古');\n//=> 2\n\nstringWidth('\\u001b[1m古\\u001b[22m');\n//=> 2\n\nstringWidth('a');\n//=> 1\n```\n\n\n## Related\n\n- [string-width-cli](https://github.com/sindresorhus/string-width-cli) - CLI for this module\n- [string-length](https://github.com/sindresorhus/string-length) - Get the real length of a string\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\string-width", + "error": "[Circular]", + "extraneous": false + }, + "window-size": { + "_args": [ + [ + "window-size@^0.2.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "window-size@0.2.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "window-size@>=0.2.0 <0.3.0", + "_id": "window-size@0.2.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/window-size", + "_nodeVersion": "5.3.0", + "_npmUser": { + "email": "github@sellside.com", + "name": "jonschlinkert" + }, + "_npmVersion": "3.3.12", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "window-size@0.2.0", + "name": "window-size", + "escapedName": "window-size", + "rawSpec": "0.2.0", + "saveSpec": "[Circular]", + "fetchSpec": "0.2.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/window-size/-/window-size-0.2.0.tgz", + "_shasum": "b4315bb4214a3d7058ebeee892e13fa24d98b075", + "_shrinkwrap": "[Circular]", + "_spec": "0.2.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Jon Schlinkert", + "url": "https://github.com/jonschlinkert" + }, + "bin": { + "window-size": "cli.js" + }, + "bugs": { + "url": "https://github.com/jonschlinkert/window-size/issues" + }, + "dependencies": {}, + "description": "Reliable way to to get the height and width of the terminal/console in a node.js environment.", + "devDependencies": { + "semistandard": "^7.0.2", + "tap": "^2.2.1" + }, + "directories": {}, + "dist": { + "shasum": "b4315bb4214a3d7058ebeee892e13fa24d98b075", + "tarball": "http://registry.npmjs.org/window-size/-/window-size-0.2.0.tgz" + }, + "engines": { + "node": ">= 0.10.0" + }, + "files": [ + "index.js", + "cli.js" + ], + "gitHead": "538b4406a6f30c9a2c8f84ba38bb34a39775bd2b", + "homepage": "https://github.com/jonschlinkert/window-size", + "keywords": [ + "console", + "height", + "resize", + "size", + "terminal", + "tty", + "width", + "window" + ], + "license": "MIT", + "main": "index.js", + "maintainers": [ + { + "name": "jonschlinkert", + "email": "github@sellside.com" + }, + { + "name": "doowb", + "email": "brian.woodward@gmail.com" + } + ], + "name": "window-size", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/jonschlinkert/window-size.git" + }, + "scripts": { + "pretest": "semistandard", + "test": "tap --coverage test.js" + }, + "verb": { + "related": { + "list": [ + "yargs", + "lint-deps", + "base-cli" + ] + } + }, + "version": "0.2.0", + "readme": "# window-size [![NPM version](https://badge.fury.io/js/window-size.svg)](http://badge.fury.io/js/window-size) [![Build Status](https://travis-ci.org/jonschlinkert/window-size.svg)](https://travis-ci.org/jonschlinkert/window-size)\n\n> Reliable way to to get the height and width of the terminal/console in a node.js environment.\n\n## Install\n\nInstall with [npm](https://www.npmjs.com/)\n\n```sh\n$ npm i window-size --save\n```\n\n## Usage\n\n```js\nvar size = require('window-size');\nsize.height; // \"25\" (rows)\nsize.width; // \"80\" (columns)\n```\n\n## Other projects\n\n* [base-cli](https://www.npmjs.com/package/base-cli): Plugin for base-methods that maps built-in methods to CLI args (also supports methods from a… [more](https://www.npmjs.com/package/base-cli) | [homepage](https://github.com/jonschlinkert/base-cli)\n* [lint-deps](https://www.npmjs.com/package/lint-deps): CLI tool that tells you when dependencies are missing from package.json and offers you a… [more](https://www.npmjs.com/package/lint-deps) | [homepage](https://github.com/jonschlinkert/lint-deps)\n* [yargs](https://www.npmjs.com/package/yargs): Light-weight option parsing with an argv hash. No optstrings attached. | [homepage](https://github.com/bcoe/yargs#readme)\n\n## Contributing\n\nPull requests and stars are always welcome. For bugs and feature requests, [please create an issue](https://github.com/jonschlinkert/window-size/issues/new).\n\n## Author\n\n**Jon Schlinkert**\n\n+ [github/jonschlinkert](https://github.com/jonschlinkert)\n+ [twitter/jonschlinkert](http://twitter.com/jonschlinkert)\n\n## License\n\nCopyright © 2014-2015 [Jon Schlinkert](https://github.com/jonschlinkert)\nReleased under the MIT license.\n\n***\n\n_This file was generated by [verb-cli](https://github.com/assemble/verb-cli) on November 15, 2015._", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\window-size", + "error": "[Circular]", + "extraneous": false + }, + "y18n": { + "_args": [ + [ + "y18n@^3.2.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "y18n@3.2.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "y18n@>=3.2.0 <4.0.0", + "_id": "y18n@3.2.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/y18n", + "_nodeVersion": "0.12.7", + "_npmUser": { + "email": "andrewbgoode@gmail.com", + "name": "abg" + }, + "_npmVersion": "2.14.2", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "y18n@3.2.0", + "name": "y18n", + "escapedName": "y18n", + "rawSpec": "3.2.0", + "saveSpec": "[Circular]", + "fetchSpec": "3.2.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/y18n/-/y18n-3.2.0.tgz", + "_shasum": "3bec64c93b730d924a6148c765757932433e34c8", + "_shrinkwrap": "[Circular]", + "_spec": "3.2.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Ben Coe", + "email": "ben@npmjs.com" + }, + "bugs": { + "url": "https://github.com/bcoe/y18n/issues" + }, + "dependencies": {}, + "description": "the bare-bones internationalization library used by yargs", + "devDependencies": { + "chai": "^3.3.0", + "coveralls": "^2.11.4", + "mocha": "^2.3.3", + "nyc": "^3.2.2", + "rimraf": "^2.4.3", + "standard": "^5.3.1" + }, + "directories": {}, + "dist": { + "shasum": "3bec64c93b730d924a6148c765757932433e34c8", + "tarball": "http://registry.npmjs.org/y18n/-/y18n-3.2.0.tgz" + }, + "gitHead": "a92184823afa8cccef4c8100a0b79338f85ab089", + "homepage": "https://github.com/bcoe/y18n", + "keywords": [ + "i18n", + "internationalization", + "yargs" + ], + "license": "ISC", + "main": "index.js", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + }, + { + "name": "abg", + "email": "andrewbgoode@gmail.com" + } + ], + "name": "y18n", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+ssh://git@github.com/bcoe/y18n.git" + }, + "scripts": { + "coverage": "nyc report --reporter=text-lcov | coveralls", + "pretest": "standard", + "test": "nyc mocha" + }, + "version": "3.2.0", + "readme": "# y18n\n\n[![Build Status][travis-image]][travis-url]\n[![Coverage Status][coveralls-image]][coveralls-url]\n[![NPM version][npm-image]][npm-url]\n[![js-standard-style][standard-image]][standard-url]\n\nThe bare-bones internationalization library used by yargs.\n\nInspired by [i18n](https://www.npmjs.com/package/i18n).\n\n## Examples\n\n_simple string translation:_\n\n```js\nvar __ = require('y18n').__\n\nconsole.log(__('my awesome string %s', 'foo'))\n```\n\noutput:\n\n`my awesome string foo`\n\n_pluralization support:_\n\n```js\nvar __n = require('y18n').__n\n\nconsole.log(__n('one fish %s', '%d fishes %s', 2, 'foo'))\n```\n\noutput:\n\n`2 fishes foo`\n\n## JSON Language Files\n\nThe JSON language files should be stored in a `./locales` folder.\nFile names correspond to locales, e.g., `en.json`, `pirate.json`.\n\nWhen strings are observed for the first time they will be\nadded to the JSON file corresponding to the current locale.\n\n## Methods\n\n### require('y18n')(config)\n\nCreate an instance of y18n with the config provided, options include:\n\n* `directory`: the locale directory, default `./locales`.\n* `updateFiles`: should newly observed strings be updated in file, default `true`.\n* `locale`: what locale should be used.\n* `fallbackToLanguage`: should fallback to a language-only file (e.g. `en.json`)\n be allowed if a file matching the locale does not exist (e.g. `en_US.json`),\n default `true`.\n\n### y18n.\\_\\_(str, arg, arg, arg)\n\nPrint a localized string, `%s` will be replaced with `arg`s.\n\n### y18n.\\_\\_n(singularString, pluralString, count, arg, arg, arg)\n\nPrint a localized string with appropriate pluralization. If `%d` is provided\nin the string, the `count` will replace this placeholder.\n\n### y18n.setLocale(str)\n\nSet the current locale being used.\n\n### y18n.getLocale()\n\nWhat locale is currently being used?\n\n### y18n.updateLocale(obj)\n\nUpdate the current locale with the key value pairs in `obj`.\n\n## License\n\nISC\n\n[travis-url]: https://travis-ci.org/bcoe/y18n\n[travis-image]: https://img.shields.io/travis/bcoe/y18n.svg\n[coveralls-url]: https://coveralls.io/github/bcoe/y18n\n[coveralls-image]: https://img.shields.io/coveralls/bcoe/y18n.svg\n[npm-url]: https://npmjs.org/package/y18n\n[npm-image]: https://img.shields.io/npm/v/y18n.svg\n[standard-image]: https://img.shields.io/badge/code%20style-standard-brightgreen.svg\n[standard-url]: https://github.com/feross/standard\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\y18n", + "error": "[Circular]", + "extraneous": false + }, + "yargs-parser": { + "_args": [ + [ + "yargs-parser@^2.1.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs" + ], + [ + "yargs-parser@2.1.0", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "yargs-parser@>=2.1.0 <3.0.0", + "_id": "yargs-parser@2.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/yargs-parser", + "_nodeVersion": "3.2.0", + "_npmOperationalInternal": { + "host": "packages-9-west.internal.npmjs.com", + "tmp": "tmp/yargs-parser-2.1.0.tgz_1455440640589_0.058524578576907516" + }, + "_npmUser": { + "email": "ben@npmjs.com", + "name": "bcoe" + }, + "_npmVersion": "3.3.0", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "yargs-parser@2.1.0", + "name": "yargs-parser", + "escapedName": "yargs-parser", + "rawSpec": "2.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.1.0" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs" + ], + "_resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-2.1.0.tgz", + "_shasum": "5f214362f948a085389abf34a78d8b5eef0b1350", + "_shrinkwrap": "[Circular]", + "_spec": "2.1.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "Ben Coe", + "email": "ben@npmjs.com" + }, + "bugs": { + "url": "https://github.com/yargs/yargs-parser/issues" + }, + "dependencies": { + "camelcase": { + "_args": "[Circular]", + "_from": "camelcase@>=2.0.1 <3.0.0", + "_id": "camelcase@2.1.0", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/camelcase", + "_nodeVersion": "4.2.4", + "_npmUser": "[Circular]", + "_npmVersion": "3.6.0", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "camelcase@2.1.0", + "name": "camelcase", + "escapedName": "camelcase", + "rawSpec": "2.1.0", + "saveSpec": "[Circular]", + "fetchSpec": "2.1.0" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/camelcase/-/camelcase-2.1.0.tgz", + "_shasum": "533ad4cd7f8a1080ded31aba6c79b4bf437ff30c", + "_shrinkwrap": "[Circular]", + "_spec": "2.1.0", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": "[Circular]", + "bugs": "[Circular]", + "dependencies": {}, + "description": "Convert a dash/dot/underscore/space separated string to camelCase: foo-bar → fooBar", + "devDependencies": "[Circular]", + "directories": "[Circular]", + "dist": "[Circular]", + "engines": "[Circular]", + "files": "[Circular]", + "gitHead": "9b73ccb3f48ab86eccb136c155f0eb2e67f40dc3", + "homepage": "https://github.com/sindresorhus/camelcase#readme", + "keywords": "[Circular]", + "license": "MIT", + "maintainers": "[Circular]", + "name": "camelcase", + "optionalDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "version": "2.1.0", + "readme": "# camelcase [![Build Status](https://travis-ci.org/sindresorhus/camelcase.svg?branch=master)](https://travis-ci.org/sindresorhus/camelcase)\n\n> Convert a dash/dot/underscore/space separated string to camelCase: `foo-bar` → `fooBar`\n\n\n## Install\n\n```\n$ npm install --save camelcase\n```\n\n\n## Usage\n\n```js\nconst camelCase = require('camelcase');\n\ncamelCase('foo-bar');\n//=> 'fooBar'\n\ncamelCase('foo_bar');\n//=> 'fooBar'\n\ncamelCase('Foo-Bar');\n//=> 'fooBar'\n\ncamelCase('--foo.bar');\n//=> 'fooBar'\n\ncamelCase('__foo__bar__');\n//=> 'fooBar'\n\ncamelCase('foo bar');\n//=> 'fooBar'\n\nconsole.log(process.argv[3]);\n//=> '--foo-bar'\ncamelCase(process.argv[3]);\n//=> 'fooBar'\n\ncamelCase('foo', 'bar');\n//=> 'fooBar'\n\ncamelCase('__foo__', '--bar');\n//=> 'fooBar'\n```\n\n\n## Related\n\n- [decamelize](https://github.com/sindresorhus/decamelize) - The inverse of this module\n- [uppercamelcase](https://github.com/SamVerschueren/uppercamelcase) - Like this module, but to PascalCase instead of camelCase\n\n\n## License\n\nMIT © [Sindre Sorhus](http://sindresorhus.com)\n", + "readmeFilename": "readme.md", + "_dependencies": "[Circular]", + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\camelcase", + "error": "[Circular]", + "extraneous": false, + "_deduped": "node_modules\\bundle-dependencies\\node_modules\\camelcase" + }, + "lodash.assign": { + "_args": [ + [ + "lodash.assign@^4.0.2", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/yargs-parser" + ], + [ + "lodash.assign@4.0.3", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "lodash.assign@>=4.0.2 <5.0.0", + "_id": "lodash.assign@4.0.3", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/lodash.assign", + "_nodeVersion": "5.5.0", + "_npmOperationalInternal": { + "host": "packages-9-west.internal.npmjs.com", + "tmp": "tmp/lodash.assign-4.0.3.tgz_1455615071928_0.8044304654467851" + }, + "_npmUser": { + "email": "john.david.dalton@gmail.com", + "name": "jdalton" + }, + "_npmVersion": "2.14.18", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "lodash.assign@4.0.3", + "name": "lodash.assign", + "escapedName": "lodash.assign", + "rawSpec": "4.0.3", + "saveSpec": "[Circular]", + "fetchSpec": "4.0.3" + }, + "_requiredBy": [ + "/bundle-dependencies/yargs-parser" + ], + "_resolved": "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.0.3.tgz", + "_shasum": "208252719b4375f361981c3ba3a8a09d1cbdb218", + "_shrinkwrap": "[Circular]", + "_spec": "4.0.3", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + "bugs": { + "url": "https://github.com/lodash/lodash/issues" + }, + "contributors": [ + { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + { + "name": "Blaine Bublitz", + "email": "blaine@iceddev.com", + "url": "https://github.com/phated" + }, + { + "name": "Mathias Bynens", + "email": "mathias@qiwi.be", + "url": "https://mathiasbynens.be/" + } + ], + "dependencies": { + "lodash.keys": { + "_args": [ + [ + "lodash.keys@^4.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/lodash.assign" + ], + [ + "lodash.keys@4.0.3", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "lodash.keys@>=4.0.0 <5.0.0", + "_id": "lodash.keys@4.0.3", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/lodash.keys", + "_nodeVersion": "5.5.0", + "_npmOperationalInternal": { + "host": "packages-6-west.internal.npmjs.com", + "tmp": "tmp/lodash.keys-4.0.3.tgz_1455615421513_0.2519911821000278" + }, + "_npmUser": { + "email": "john.david.dalton@gmail.com", + "name": "jdalton" + }, + "_npmVersion": "2.14.18", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "lodash.keys@4.0.3", + "name": "lodash.keys", + "escapedName": "lodash.keys", + "rawSpec": "4.0.3", + "saveSpec": "[Circular]", + "fetchSpec": "4.0.3" + }, + "_requiredBy": [ + "/bundle-dependencies/lodash.assign" + ], + "_resolved": "https://registry.npmjs.org/lodash.keys/-/lodash.keys-4.0.3.tgz", + "_shasum": "f698bb75edfae6f690db9e11908157732fe7b342", + "_shrinkwrap": "[Circular]", + "_spec": "4.0.3", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + "bugs": { + "url": "https://github.com/lodash/lodash/issues" + }, + "contributors": [ + { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + { + "name": "Blaine Bublitz", + "email": "blaine@iceddev.com", + "url": "https://github.com/phated" + }, + { + "name": "Mathias Bynens", + "email": "mathias@qiwi.be", + "url": "https://mathiasbynens.be/" + } + ], + "dependencies": {}, + "description": "The lodash method `_.keys` exported as a module.", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "f698bb75edfae6f690db9e11908157732fe7b342", + "tarball": "http://registry.npmjs.org/lodash.keys/-/lodash.keys-4.0.3.tgz" + }, + "homepage": "https://lodash.com/", + "icon": "https://lodash.com/icon.svg", + "keywords": [ + "lodash-modularized", + "keys" + ], + "license": "MIT", + "maintainers": [ + { + "name": "jdalton", + "email": "john.david.dalton@gmail.com" + }, + { + "name": "mathias", + "email": "mathias@qiwi.be" + }, + { + "name": "phated", + "email": "blaine@iceddev.com" + } + ], + "name": "lodash.keys", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/lodash/lodash.git" + }, + "scripts": { + "test": "echo \"See https://travis-ci.org/lodash/lodash-cli for testing details.\"" + }, + "version": "4.0.3", + "readme": "# lodash.keys v4.0.3\n\nThe [lodash](https://lodash.com/) method `_.keys` exported as a [Node.js](https://nodejs.org/) module.\n\n## Installation\n\nUsing npm:\n```bash\n$ {sudo -H} npm i -g npm\n$ npm i --save lodash.keys\n```\n\nIn Node.js:\n```js\nvar keys = require('lodash.keys');\n```\n\nSee the [documentation](https://lodash.com/docs#keys) or [package source](https://github.com/lodash/lodash/blob/4.0.3-npm-packages/lodash.keys) for more details.\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lodash.keys", + "error": "[Circular]", + "extraneous": false + }, + "lodash.rest": { + "_args": [ + [ + "lodash.rest@^4.0.0", + "/Users/gajus/Documents/dev/gajus/bundle-dependencies/node_modules/lodash.assign" + ], + [ + "lodash.rest@4.0.1", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "_from": "lodash.rest@>=4.0.0 <5.0.0", + "_id": "lodash.rest@4.0.1", + "_inBundle": true, + "_inCache": true, + "_installable": true, + "_location": "/bundle-dependencies/lodash.rest", + "_nodeVersion": "5.4.0", + "_npmOperationalInternal": { + "host": "packages-5-east.internal.npmjs.com", + "tmp": "tmp/lodash.rest-4.0.1.tgz_1454484670768_0.6682933256961405" + }, + "_npmUser": { + "email": "john.david.dalton@gmail.com", + "name": "jdalton" + }, + "_npmVersion": "2.14.15", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "lodash.rest@4.0.1", + "name": "lodash.rest", + "escapedName": "lodash.rest", + "rawSpec": "4.0.1", + "saveSpec": "[Circular]", + "fetchSpec": "4.0.1" + }, + "_requiredBy": [ + "/bundle-dependencies/lodash.assign" + ], + "_resolved": "https://registry.npmjs.org/lodash.rest/-/lodash.rest-4.0.1.tgz", + "_shasum": "cbecbb84e68e499a1b242baf9b27bb63ef4dd980", + "_shrinkwrap": "[Circular]", + "_spec": "4.0.1", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "author": { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + "bugs": { + "url": "https://github.com/lodash/lodash/issues" + }, + "contributors": [ + { + "name": "John-David Dalton", + "email": "john.david.dalton@gmail.com", + "url": "http://allyoucanleet.com/" + }, + { + "name": "Blaine Bublitz", + "email": "blaine@iceddev.com", + "url": "https://github.com/phated" + }, + { + "name": "Mathias Bynens", + "email": "mathias@qiwi.be", + "url": "https://mathiasbynens.be/" + } + ], + "dependencies": {}, + "description": "The lodash method `_.rest` exported as a module.", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "cbecbb84e68e499a1b242baf9b27bb63ef4dd980", + "tarball": "http://registry.npmjs.org/lodash.rest/-/lodash.rest-4.0.1.tgz" + }, + "homepage": "https://lodash.com/", + "icon": "https://lodash.com/icon.svg", + "keywords": [ + "lodash-modularized", + "rest" + ], + "license": "MIT", + "maintainers": [ + { + "name": "jdalton", + "email": "john.david.dalton@gmail.com" + }, + { + "name": "mathias", + "email": "mathias@qiwi.be" + }, + { + "name": "phated", + "email": "blaine@iceddev.com" + } + ], + "name": "lodash.rest", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/lodash/lodash.git" + }, + "scripts": { + "test": "echo \"See https://travis-ci.org/lodash/lodash-cli for testing details.\"" + }, + "version": "4.0.1", + "readme": "# lodash.rest v4.0.1\n\nThe [lodash](https://lodash.com/) method `_.rest` exported as a [Node.js](https://nodejs.org/) module.\n\n## Installation\n\nUsing npm:\n```bash\n$ {sudo -H} npm i -g npm\n$ npm i --save lodash.rest\n```\n\nIn Node.js:\n```js\nvar rest = require('lodash.rest');\n```\n\nSee the [documentation](https://lodash.com/docs#rest) or [package source](https://github.com/lodash/lodash/blob/4.0.1-npm-packages/lodash.rest) for more details.\n", + "readmeFilename": "README.md", + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lodash.rest", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "The lodash method `_.assign` exported as a module.", + "devDependencies": {}, + "directories": {}, + "dist": { + "shasum": "208252719b4375f361981c3ba3a8a09d1cbdb218", + "tarball": "http://registry.npmjs.org/lodash.assign/-/lodash.assign-4.0.3.tgz" + }, + "homepage": "https://lodash.com/", + "icon": "https://lodash.com/icon.svg", + "keywords": [ + "lodash-modularized", + "assign" + ], + "license": "MIT", + "maintainers": [ + { + "name": "jdalton", + "email": "john.david.dalton@gmail.com" + }, + { + "name": "mathias", + "email": "mathias@qiwi.be" + }, + { + "name": "phated", + "email": "blaine@iceddev.com" + } + ], + "name": "lodash.assign", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/lodash/lodash.git" + }, + "scripts": { + "test": "echo \"See https://travis-ci.org/lodash/lodash-cli for testing details.\"" + }, + "version": "4.0.3", + "readme": "# lodash.assign v4.0.3\n\nThe [lodash](https://lodash.com/) method `_.assign` exported as a [Node.js](https://nodejs.org/) module.\n\n## Installation\n\nUsing npm:\n```bash\n$ {sudo -H} npm i -g npm\n$ npm i --save lodash.assign\n```\n\nIn Node.js:\n```js\nvar assign = require('lodash.assign');\n```\n\nSee the [documentation](https://lodash.com/docs#assign) or [package source](https://github.com/lodash/lodash/blob/4.0.3-npm-packages/lodash.assign) for more details.\n", + "readmeFilename": "README.md", + "_dependencies": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lodash.assign", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "the mighty option parser used by yargs", + "devDependencies": { + "chai": "^3.5.0", + "coveralls": "^2.11.6", + "mocha": "^2.4.5", + "nyc": "^5.6.0", + "standard": "^5.4.1" + }, + "directories": {}, + "dist": { + "shasum": "5f214362f948a085389abf34a78d8b5eef0b1350", + "tarball": "http://registry.npmjs.org/yargs-parser/-/yargs-parser-2.1.0.tgz" + }, + "gitHead": "78f49ffde9a3305facb66b2faeae862b33d0745e", + "homepage": "https://github.com/yargs/yargs-parser#readme", + "keywords": [ + "argument", + "parser", + "yargs", + "command", + "cli", + "parsing", + "option", + "args", + "argument" + ], + "license": "ISC", + "main": "index.js", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + } + ], + "name": "yargs-parser", + "optionalDependencies": {}, + "repository": { + "url": "git+ssh://git@github.com/yargs/yargs-parser.git" + }, + "scripts": { + "coverage": "nyc report --reporter=text-lcov | coveralls", + "pretest": "standard", + "test": "nyc mocha test/*.js" + }, + "version": "2.1.0", + "readme": "# yargs-parser\n\n[![Build Status](https://travis-ci.org/yargs/yargs-parser.png)](https://travis-ci.org/yargs/yargs-parser)\n[![Coverage Status](https://coveralls.io/repos/yargs/yargs-parser/badge.svg?branch=)](https://coveralls.io/r/yargs/yargs-parser?branch=master)\n[![NPM version](https://img.shields.io/npm/v/yargs-parser.svg)](https://www.npmjs.com/package/yargs-parser)\n[![Windows Tests](https://img.shields.io/appveyor/ci/bcoe/yargs-parser/master.svg?label=Windows%20Tests)](https://ci.appveyor.com/project/bcoe/yargs-parser)\n\nThe mighty option parser used by [yargs](https://github.com/bcoe/yargs).\n\nvisit the [yargs website](http://yargs.js.org/) for more examples, and thorough usage instructions.\n\n\n\n## Example\n\n```sh\nnpm i yargs-parser --save\n```\n\n```js\nvar argv = require('yargs-parser')(process.argv.slice(2));\nconsole.log(argv)\n```\n\n```sh\nnode example.js --foo=33 --bar hello\n{ _: [], foo: 33, bar: 'hello' }\n```\n\n_or parse a string!_\n\n```js\nvar argv = require('./')('--foo=99 --bar=33');\nconsole.log(argv)\n```\n\n```sh\n{ _: [], foo: 99, bar: 33 }\n```\n\n## API\n\n### require('yargs-parser')(args, opts={})\n\nParses command line arguments returning a simple mapping of keys and values.\n\n**expects:**\n\n* `args`: an array or string representing the options to parse.\n* `opts`: provide a set of hints indicating how `args` should be parsed:\n * `opts.alias`: an object representing the set of aliases for a key: `{alias: {foo: ['f']}}`.\n * `opts.array`: indicate that keys should be parsed as an array: `{array: ['foo', 'bar']}`.\n * `opts.boolean`: arguments should be parsed as booleans: `{boolean: ['x', 'y']}`.\n * `opts.config`: indicate a key that represents a path to a configuration file (this file will be loaded and parsed).\n * `opts.count`: indicate a key that should be used as a counter, e.g., `-vvv` = `{v: 3}`.\n * `opts.default`: provide default values for keys: `{default: {x: 33, y: 'hello world!'}}`.\n * `opts.envPrefix`: environment variables (`process.env`) with the prefix provided should be parsed.\n * `opts.narg`: specify that a key requires `n` arguments: `{narg: {x: 2}}`.\n * `opts.normalize`: `path.normalize()` will be applied to values set to this key.\n * `opts.string`: keys should be treated as strings (even if they resemble a number `-x 33`).\n * `opts.configuration`: provide configuration options to the yargs-parser (see: [configuration](#configuration)).\n * `opts.number`: keys should be treated as numbers.\n\n**returns:**\n\n* `obj`: an object representing the parsed value of `args`\n * `key/value`: key value pairs for each argument and their aliases.\n * `_`: an array representing the positional arguments.\n\n### require('yargs-parser').detailed(args, opts={})\n\nParses a command line string, returning detailed information required by the\nyargs engine.\n\n**expects:**\n\n* `args`: an array or string representing options to parse.\n* `opts`: provide a set of hints indicating how `args`, inputs are identical to `require('yargs-parser')(args, opts={})`.\n\n**returns:**\n\n* `argv`: an object representing the parsed value of `args`\n * `key/value`: key value pairs for each argument and their aliases.\n * `_`: an array representing the positional arguments.\n* `error`: populated with an error object if an exception occurred during parsing.\n* `aliases`: the inferred list of aliases built by combining lists in `opts.alias`.\n* `newAliases`: any new aliases added via camel-case expansion.\n* `configuration`: the configuration loaded from the `yargs` stanza in package.json.\n\n\n### Configuration\n\nThe yargs-parser applies several automated transformations on the keys provided\nin `args`. These features can be turned on and off using the `configuration` field\nof `opts`.\n\n```js\nvar parsed = parser(['--no-dice'], {\n configuration: {\n 'boolean-negation': false\n }\n})\n```\n\n### short option groups\n\n* default: `true`.\n* key: `short-option-groups`.\n\nShould a group of short-options be treated as boolean flags?\n\n```sh\nnode example.js -abc\n{ _: [], a: true, b: true, c: true }\n```\n\n_if disabled:_\n\n```sh\nnode example.js -abc\n{ _: [], abc: true }\n```\n\n### camel-case expansion\n\n* default: `true`.\n* key: `camel-case-expansion`.\n\nShould hyphenated arguments be expanded into camel-case aliases?\n\n```sh\nnode example.js --foo-bar\n{ _: [], 'foo-bar': true, fooBar: true }\n```\n\n_if disabled:_\n\n```sh\nnode example.js --foo-bar\n{ _: [], 'foo-bar': true }\n```\n\n### dot-notation\n\n* default: `true`\n* key: `dot-notation`\n\nShould keys that contain `.` be treated as objects?\n\n```sh\nnode example.js --foo.bar\n{ _: [], foo: { bar: true } }\n```\n\n_if disabled:_\n\n```sh\nnode example.js --foo.bar\n{ _: [], \"foo.bar\": true }\n```\n\n### parse numbers\n\n* default: `true`\n* key: 'parse-numbers'\n\nShould keys that look like numbers be treated as such?\n\n```sh\nnode example.js --foo=99.3\n{ _: [], foo: 99.3 }\n```\n\n_if disabled:_\n\n```sh\nnode example.js --foo=99.3\n{ _: [], foo: \"99.3\" }\n```\n\n### boolean negation\n\n* default: `true`\n* key: 'boolean-negation'\n\nShould variables prefixed with `--no` be treated as negations?\n\n```sh\nnode example.js --no-foo\n{ _: [], foo: false }\n```\n\n_if disabled:_\n\n```sh\nnode example.js --no-foo\n{ _: [], \"no-foo\": true }\n```\n\n## Special Thanks\n\nThe yargs project evolves from optimist and minimist. It owes its\nexistence to a lot of James Halliday's hard work. Thanks [substack](https://github.com/substack) **beep** **boop** \\o/\n\n## License\n\nISC\n", + "readmeFilename": "README.md", + "_dependencies": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\yargs-parser", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Light-weight option parsing with an argv hash. No optstrings attached.", + "devDependencies": { + "chai": "^3.4.1", + "chalk": "^1.1.1", + "coveralls": "^2.11.4", + "cpr": "^1.0.0", + "es6-promise": "^3.0.2", + "hashish": "0.0.4", + "mocha": "^2.4.5", + "nyc": "^5.2.0", + "rimraf": "^2.5.0", + "standard": "^6.0.5", + "which": "^1.1.2", + "win-spawn": "^2.0.0" + }, + "directories": {}, + "dist": { + "shasum": "035e5ea466ac7fea584b00353e33eae4082b9894", + "tarball": "http://registry.npmjs.org/yargs/-/yargs-4.1.0.tgz" + }, + "engine": { + "node": ">=0.10" + }, + "files": [ + "index.js", + "lib", + "locales", + "completion.sh.hbs", + "LICENSE" + ], + "gitHead": "3808fabcd36645a1c855385e62c31fd5917ee447", + "homepage": "http://yargs.js.org/", + "keywords": [ + "argument", + "args", + "option", + "parser", + "parsing", + "cli", + "command" + ], + "license": "MIT", + "main": "./index.js", + "maintainers": [ + { + "name": "bcoe", + "email": "ben@npmjs.com" + }, + { + "name": "chevex", + "email": "alex.ford@codetunnel.com" + }, + { + "name": "nexdrew", + "email": "andrew@npmjs.com" + }, + { + "name": "nylen", + "email": "jnylen@gmail.com" + } + ], + "name": "yargs", + "optionalDependencies": {}, + "repository": { + "type": "git", + "url": "git+ssh://git@github.com/bcoe/yargs.git" + }, + "scripts": { + "coverage": "nyc report --reporter=text-lcov | coveralls", + "pretest": "standard", + "test": "nyc --cache mocha --require ./test/before.js --timeout=4000 --check-leaks" + }, + "standard": { + "ignore": [ + "**/example/**" + ] + }, + "version": "4.1.0", + "readme": "yargs\n========\n\nYargs be a node.js library fer hearties tryin' ter parse optstrings.\n\nWith yargs, ye be havin' a map that leads straight to yer treasure! Treasure of course, being a simple option hash.\n\n[![Build Status][travis-image]][travis-url]\n[![Dependency Status][gemnasium-image]][gemnasium-url]\n[![Coverage Status][coveralls-image]][coveralls-url]\n[![NPM version][npm-image]][npm-url]\n[![Windows Tests][windows-image]][windows-url]\n[![js-standard-style][standard-image]](standard-url)\n\n> Yargs is the official successor to optimist. Please feel free to submit issues and pull requests. If you'd like to contribute and don't know where to start, have a look at [the issue list](https://github.com/bcoe/yargs/issues) :)\n\nexamples\n========\n\nWith yargs, the options be just a hash!\n-------------------------------------------------------------------\n\nplunder.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs').argv;\n\nif (argv.ships > 3 && argv.distance < 53.5) {\n console.log('Plunder more riffiwobbles!');\n}\nelse {\n console.log('Retreat from the xupptumblers!');\n}\n````\n\n***\n\n $ ./plunder.js --ships=4 --distance=22\n Plunder more riffiwobbles!\n\n $ ./plunder.js --ships 12 --distance 98.7\n Retreat from the xupptumblers!\n\n![Joe was one optimistic pirate.](http://i.imgur.com/4WFGVJ9.png)\n\nBut don't walk the plank just yet! There be more! You can do short options:\n-------------------------------------------------\n\nshort.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs').argv;\nconsole.log('(%d,%d)', argv.x, argv.y);\n````\n\n***\n\n $ ./short.js -x 10 -y 21\n (10,21)\n\nAnd booleans, both long, short, and even grouped:\n----------------------------------\n\nbool.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs').argv;\n\nif (argv.s) {\n process.stdout.write(argv.fr ? 'Le perroquet dit: ' : 'The parrot says: ');\n}\nconsole.log(\n (argv.fr ? 'couac' : 'squawk') + (argv.p ? '!' : '')\n);\n````\n\n***\n\n $ ./bool.js -s\n The parrot says: squawk\n\n $ ./bool.js -sp\n The parrot says: squawk!\n\n $ ./bool.js -sp --fr\n Le perroquet dit: couac!\n\nAnd non-hyphenated options too! Just use `argv._`!\n-------------------------------------------------\n\nnonopt.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs').argv;\nconsole.log('(%d,%d)', argv.x, argv.y);\nconsole.log(argv._);\n````\n\n***\n\n $ ./nonopt.js -x 6.82 -y 3.35 rum\n (6.82,3.35)\n [ 'rum' ]\n\n $ ./nonopt.js \"me hearties\" -x 0.54 yo -y 1.12 ho\n (0.54,1.12)\n [ 'me hearties', 'yo', 'ho' ]\n\nYargs even counts your booleans!\n----------------------------------------------------------------------\n\ncount.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .count('verbose')\n .alias('v', 'verbose')\n .argv;\n\nVERBOSE_LEVEL = argv.verbose;\n\nfunction WARN() { VERBOSE_LEVEL >= 0 && console.log.apply(console, arguments); }\nfunction INFO() { VERBOSE_LEVEL >= 1 && console.log.apply(console, arguments); }\nfunction DEBUG() { VERBOSE_LEVEL >= 2 && console.log.apply(console, arguments); }\n\nWARN(\"Showing only important stuff\");\nINFO(\"Showing semi-important stuff too\");\nDEBUG(\"Extra chatty mode\");\n````\n\n***\n $ node count.js\n Showing only important stuff\n\n $ node count.js -v\n Showing only important stuff\n Showing semi-important stuff too\n\n $ node count.js -vv\n Showing only important stuff\n Showing semi-important stuff too\n Extra chatty mode\n\n $ node count.js -v --verbose\n Showing only important stuff\n Showing semi-important stuff too\n Extra chatty mode\n\nTell users how to use yer options and make demands.\n-------------------------------------------------\n\narea.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .usage('Usage: $0 -w [num] -h [num]')\n .demand(['w','h'])\n .argv;\n\nconsole.log(\"The area is:\", argv.w * argv.h);\n````\n\n***\n\n $ ./area.js -w 55 -h 11\n The area is: 605\n\n $ node ./area.js -w 4.91 -w 2.51\n Usage: area.js -w [num] -h [num]\n\n Options:\n -w [required]\n -h [required]\n\n Missing required arguments: h\n\nAfter yer demands have been met, demand more! Ask for non-hyphenated arguments!\n-----------------------------------------\n\ndemand_count.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .demand(2)\n .argv;\nconsole.dir(argv);\n````\n\n***\n\n\t$ ./demand_count.js a\n\n\tNot enough non-option arguments: got 1, need at least 2\n\n\t$ ./demand_count.js a b\n\t{ _: [ 'a', 'b' ], '$0': 'demand_count.js' }\n\n\t$ ./demand_count.js a b c\n\t{ _: [ 'a', 'b', 'c' ], '$0': 'demand_count.js' }\n\nEVEN MORE SHIVER ME TIMBERS!\n------------------\n\ndefault_singles.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .default('x', 10)\n .default('y', 10)\n .argv\n;\nconsole.log(argv.x + argv.y);\n````\n\n***\n\n $ ./default_singles.js -x 5\n 15\n\ndefault_hash.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .default({ x : 10, y : 10 })\n .argv\n;\nconsole.log(argv.x + argv.y);\n````\n\n***\n\n $ ./default_hash.js -y 7\n 17\n\nAnd if you really want to get all descriptive about it...\n---------------------------------------------------------\n\nboolean_single.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .boolean('v')\n .argv\n;\nconsole.dir(argv.v);\nconsole.dir(argv._);\n````\n\n***\n\n $ ./boolean_single.js -v \"me hearties\" yo ho\n true\n [ 'me hearties', 'yo', 'ho' ]\n\n\nboolean_double.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .boolean(['x','y','z'])\n .argv\n;\nconsole.dir([ argv.x, argv.y, argv.z ]);\nconsole.dir(argv._);\n````\n\n***\n\n $ ./boolean_double.js -x -z one two three\n [ true, false, true ]\n [ 'one', 'two', 'three' ]\n\nYargs is here to help you...\n---------------------------\n\nYe can describe parameters fer help messages and set aliases. Yargs figures\nout how ter format a handy help string automatically.\n\nline_count.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .usage('Usage: $0 [options]')\n .command('count', 'Count the lines in a file')\n .demand(1)\n .example('$0 count -f foo.js', 'count the lines in the given file')\n .demand('f')\n .alias('f', 'file')\n .nargs('f', 1)\n .describe('f', 'Load a file')\n .help('h')\n .alias('h', 'help')\n .epilog('copyright 2015')\n .argv;\n\nvar fs = require('fs');\nvar s = fs.createReadStream(argv.file);\n\nvar lines = 0;\ns.on('data', function (buf) {\n lines += buf.toString().match(/\\n/g).length;\n});\n\ns.on('end', function () {\n console.log(lines);\n});\n````\n\n***\n $ node line_count.js count\n Usage: line_count.js [options]\n\n Commands:\n count Count the lines in a file\n\n Options:\n -f, --file Load a file [required]\n -h, --help Show help [boolean]\n\n Examples:\n line_count.js count -f foo.js count the lines in the given file\n\n copyright 2015\n\n Missing required arguments: f\n\n $ node line_count.js count --file line_count.js\n 26\n\n $ node line_count.js count -f line_count.js\n 26\n\nmethods\n=======\n\nBy itself,\n\n````javascript\nrequire('yargs').argv\n````\n\nwill use the `process.argv` array to construct the `argv` object.\n\nYou can pass in the `process.argv` yourself:\n\n````javascript\nrequire('yargs')([ '-x', '1', '-y', '2' ]).argv\n````\n\nor use `.parse()` to do the same thing:\n\n````javascript\nrequire('yargs').parse([ '-x', '1', '-y', '2' ])\n````\n\nThe rest of these methods below come in just before the terminating `.argv`.\n\n.alias(key, alias)\n------------------\n\nSet key names as equivalent such that updates to a key will propagate to aliases\nand vice-versa.\n\nOptionally `.alias()` can take an object that maps keys to aliases.\nEach key of this object should be the canonical version of the option, and each\nvalue should be a string or an array of strings.\n\n.argv\n-----\n\nGet the arguments as a plain old object.\n\nArguments without a corresponding flag show up in the `argv._` array.\n\nThe script name or node command is available at `argv.$0` similarly to how `$0`\nworks in bash or perl.\n\nIf `yargs` is executed in an environment that embeds node and there's no script name (e.g.\n[Electron](http://electron.atom.io/) or [nw.js](http://nwjs.io/)), it will ignore the first parameter since it\nexpects it to be the script name. In order to override this behavior, use `.parse(process.argv.slice(1))`\ninstead of `.argv` and the first parameter won't be ignored.\n\n.array(key)\n----------\n\nTell the parser to interpret `key` as an array. If `.array('foo')` is set,\n`--foo foo bar` will be parsed as `['foo', 'bar']` rather than as `'foo'`.\n\n.boolean(key)\n-------------\n\nInterpret `key` as a boolean. If a non-flag option follows `key` in\n`process.argv`, that string won't get set as the value of `key`.\n\n`key` will default to `false`, unless a `default(key, undefined)` is\nexplicitly set.\n\nIf `key` is an array, interpret all the elements as booleans.\n\n.check(fn)\n----------\n\nCheck that certain conditions are met in the provided arguments.\n\n`fn` is called with two arguments, the parsed `argv` hash and an array of options and their aliases.\n\nIf `fn` throws or returns a non-truthy value, show the thrown error, usage information, and\nexit.\n\n.choices(key, choices)\n----------------------\n\nLimit valid values for `key` to a predefined set of `choices`, given as an array\nor as an individual value.\n\n```js\nvar argv = require('yargs')\n .alias('i', 'ingredient')\n .describe('i', 'choose your sandwich ingredients')\n .choices('i', ['peanut-butter', 'jelly', 'banana', 'pickles'])\n .help('help')\n .argv\n```\n\nIf this method is called multiple times, all enumerated values will be merged\ntogether. Choices are generally strings or numbers, and value matching is\ncase-sensitive.\n\nOptionally `.choices()` can take an object that maps multiple keys to their\nchoices.\n\nChoices can also be specified as `choices` in the object given to `option()`.\n\n```js\nvar argv = require('yargs')\n .option('size', {\n alias: 's',\n describe: 'choose a size',\n choices: ['xs', 's', 'm', 'l', 'xl']\n })\n .argv\n```\n\n.command(cmd, desc, [builder], [handler])\n-------------------\n.command(cmd, desc, [module])\n-------------------\n\nDocument the commands exposed by your application.\n\nUse `desc` to provide a description for each command your application accepts (the\nvalues stored in `argv._`). Set `desc` to `false` to create a hidden command.\nHidden commands don't show up in the help output and aren't available for\ncompletion.\n\nOptionally, you can provide a `builder` object to give hints about the\noptions that your command accepts:\n\n```js\nyargs.command('get', 'make a get HTTP request', {\n url: {\n alias: 'u',\n default: 'http://yargs.js.org/'\n }\n })\n .help()\n .argv\n```\n\n`builder` can also be a function. This function is executed\nwith a `yargs` instance, and can be used to provide _advanced_ command specific help:\n\n```js\nyargs.command('get', 'make a get HTTP request', function (yargs) {\n return yargs.option('url', {\n alias: 'u',\n default: 'http://yargs.js.org/'\n })\n })\n .help()\n .argv\n```\n\nYou can also provide a handler function, which will be executed with the\nparsed `argv` object:\n\n```js\nyargs\n .command(\n 'get',\n 'make a get HTTP request',\n function (yargs) {\n return yargs.option('u', {\n alias: 'url',\n describe: 'the URL to make an HTTP request to'\n })\n },\n function (argv) {\n console.log(argv.url)\n }\n )\n .help()\n .argv\n```\n\n### Positional Arguments\n\nCommands can accept _optional_ and _required_ positional arguments. Required\npositional arguments take the form ``, and optional arguments\ntake the form `[bar]`. The parsed positional arguments will be populated in\n`argv`:\n\n```js\nyargs.command('get [proxy]', 'make a get HTTP request')\n .help()\n .argv\n```\n\n### Providing a Command Module\n\nFor complicated commands you can pull the logic into a module. A module\nsimply needs to export:\n\n* `exports.builder`: which describes the options that a command accepts.\n* `exports.handler`: a function which will be passed the parsed argv.\n\n```js\n// my-module.js\nexports.builder = {\n banana: {\n default: 'cool'\n },\n batman: {\n default: 'sad'\n }\n}\n\nexports.handler = function (argv) {\n // do something with argv.\n}\n```\n\nYou then register the module like so:\n\n```js\nyargs.command('get [proxy]', 'make a get HTTP request', require('my-module'))\n .help()\n .argv\n```\n\n.completion(cmd, [description], [fn]);\n-------------\n\nEnable bash-completion shortcuts for commands and options.\n\n`cmd`: When present in `argv._`, will result in the `.bashrc` completion script\nbeing outputted. To enable bash completions, concat the generated script to your\n`.bashrc` or `.bash_profile`.\n\n`description`: Provide a description in your usage instructions for the command\nthat generates bash completion scripts.\n\n`fn`: Rather than relying on yargs' default completion functionality, which\nshiver me timbers is pretty awesome, you can provide your own completion\nmethod.\n\n```js\nvar argv = require('yargs')\n .completion('completion', function(current, argv) {\n // 'current' is the current command being completed.\n // 'argv' is the parsed arguments so far.\n // simply return an array of completions.\n return [\n 'foo',\n 'bar'\n ];\n })\n .argv;\n```\n\nYou can also provide asynchronous completions.\n\n```js\nvar argv = require('yargs')\n .completion('completion', function(current, argv, done) {\n setTimeout(function() {\n done([\n 'apple',\n 'banana'\n ]);\n }, 500);\n })\n .argv;\n```\n\nBut wait, there's more! You can return an asynchronous promise.\n\n```js\nvar argv = require('yargs')\n .completion('completion', function(current, argv, done) {\n return new Promise(function (resolve, reject) {\n setTimeout(function () {\n resolve(['apple', 'banana'])\n }, 10)\n })\n })\n .argv;\n```\n\n.config(key, [description], [parseFn])\n------------\n\nTells the parser that if the option specified by `key` is passed in, it\nshould be interpreted as a path to a JSON config file. The file is loaded\nand parsed, and its properties are set as arguments.\n\nAn optional `description` can be provided to customize the config (`key`) option\nin the usage string.\n\nAn optional `parseFn` can be used to provide a custom parser. The parsing\nfunction must be synchronous, and should return an object containing\nkey value pairs or an error.\n\n```js\nvar argv = require('yargs')\n .config('settings', function (configPath) {\n return JSON.parse(fs.readFileSync(configPath, 'utf-8'))\n })\n .argv\n```\n\n.count(key)\n------------\n\nInterpret `key` as a boolean flag, but set its parsed value to the number of\nflag occurrences rather than `true` or `false`. Default value is thus `0`.\n\n.default(key, value, [description])\n--------------------\n\nSet `argv[key]` to `value` if no option was specified in `process.argv`.\n\nOptionally `.default()` can take an object that maps keys to default values.\n\nBut wait, there's more! The default value can be a `function` which returns\na value. The name of the function will be used in the usage string:\n\n```js\nvar argv = require('yargs')\n .default('random', function randomValue() {\n return Math.random() * 256;\n }).argv;\n```\n\nOptionally, `description` can also be provided and will take precedence over\ndisplaying the value in the usage instructions:\n\n```js\n.default('timeout', 60000, '(one-minute)')\n```\n\n.demand(key, [msg | boolean])\n------------------------------\n.demand(count, [max], [msg])\n------------------------------\n\nIf `key` is a string, show the usage information and exit if `key` wasn't\nspecified in `process.argv`.\n\nIf `key` is a number, demand at least as many non-option arguments, which show\nup in `argv._`. A second number can also optionally be provided, which indicates\nthe maximum number of non-option arguments.\n\nIf `key` is an array, demand each element.\n\nIf a `msg` string is given, it will be printed when the argument is missing,\ninstead of the standard error message. This is especially helpful for the non-option arguments in `argv._`.\n\nIf a `boolean` value is given, it controls whether the option is demanded;\nthis is useful when using `.options()` to specify command line parameters.\n\nA combination of `.demand(1)` and `.strict()` will allow you to require a user to pass at least one command:\n\n```js\nvar argv = require('yargs')\n .command('install', 'tis a mighty fine package to install')\n .demand(1)\n .strict()\n .argv\n```\n\nSimilarly, you can require a command and arguments at the same time:\n\n```js\nvar argv = require('yargs')\n .command('install', 'tis a mighty fine package to install')\n .demand(1, ['w', 'm'])\n .strict()\n .argv\n```\n\n.describe(key, desc)\n--------------------\n\nDescribe a `key` for the generated usage information.\n\nOptionally `.describe()` can take an object that maps keys to descriptions.\n\n.detectLocale(boolean)\n-----------\n\nShould yargs attempt to detect the os' locale? Defaults to `true`.\n\n.env([prefix])\n--------------\n\nTell yargs to parse environment variables matching the given prefix and apply\nthem to argv as though they were command line arguments.\n\nIf this method is called with no argument or with an empty string or with `true`,\nthen all env vars will be applied to argv.\n\nProgram arguments are defined in this order of precedence:\n\n1. Command line args\n2. Config file\n3. Env var\n4. Configured defaults\n\n```js\nvar argv = require('yargs')\n .env('MY_PROGRAM')\n .option('f', {\n alias: 'fruit-thing',\n default: 'apple'\n })\n .argv\nconsole.log(argv)\n```\n\n```\n$ node fruity.js\n{ _: [],\n f: 'apple',\n 'fruit-thing': 'apple',\n fruitThing: 'apple',\n '$0': 'fruity.js' }\n```\n\n```\n$ MY_PROGRAM_FRUIT_THING=banana node fruity.js\n{ _: [],\n fruitThing: 'banana',\n f: 'banana',\n 'fruit-thing': 'banana',\n '$0': 'fruity.js' }\n```\n\n```\n$ MY_PROGRAM_FRUIT_THING=banana node fruity.js -f cat\n{ _: [],\n f: 'cat',\n 'fruit-thing': 'cat',\n fruitThing: 'cat',\n '$0': 'fruity.js' }\n```\n\nEnv var parsing is disabled by default, but you can also explicitly disable it\nby calling `.env(false)`, e.g. if you need to undo previous configuration.\n\n.epilog(str)\n------------\n.epilogue(str)\n--------------\n\nA message to print at the end of the usage instructions, e.g.\n\n```js\nvar argv = require('yargs')\n .epilogue('for more information, find our manual at http://example.com');\n```\n\n.example(cmd, desc)\n-------------------\n\nGive some example invocations of your program. Inside `cmd`, the string\n`$0` will get interpolated to the current script name or node command for the\npresent script similar to how `$0` works in bash or perl.\nExamples will be printed out as part of the help message.\n\n.exitProcess(enable)\n----------------------------------\n\nBy default, yargs exits the process when the user passes a help flag, uses the\n`.version` functionality, or when validation fails. Calling\n`.exitProcess(false)` disables this behavior, enabling further actions after\nyargs have been validated.\n\n.fail(fn)\n---------\n\nMethod to execute when a failure occurs, rather than printing the failure message.\n\n`fn` is called with the failure message that would have been printed.\n\n.global(globals)\n------------\n\nIndicate that an option (or group of options) should not be reset when a command\nis executed, as an example:\n\n```js\nvar argv = require('yargs')\n .option('a', {\n alias: 'all',\n default: true\n })\n .option('n', {\n alias: 'none',\n default: true\n })\n .command('foo', 'foo command', function (yargs) {\n return yargs.option('b', {\n alias: 'bar'\n })\n })\n .help('help')\n .global('a')\n .argv\n```\n\nIf the `foo` command is executed the `all` option will remain, but the `none`\noption will have been eliminated.\n\n`help`, `version`, and `completion` options default to being global.\n\n.group(key(s), groupName)\n--------------------\n\nGiven a key, or an array of keys, places options under an alternative heading\nwhen displaying usage instructions, e.g.,\n\n```js\nvar yargs = require('yargs')(['--help'])\n .help()\n .group('batman', 'Heroes:')\n .describe('batman', \"world's greatest detective\")\n .wrap(null)\n .argv\n```\n***\n Heroes:\n --batman world's greatest detective\n\n Options:\n --help Show help [boolean]\n\n.help([option, [description]])\n------------------------------\n\nAdd an option (e.g. `--help`) that displays the usage string and exits the\nprocess. If present, the `description` parameter customizes the description of\nthe help option in the usage string.\n\nIf invoked without parameters, `.help()` will make `--help` the option to trigger\nhelp output.\n\nExample:\n\n```js\nvar yargs = require(\"yargs\")['--help']\n .usage(\"$0 -operand1 number -operand2 number -operation [add|subtract]\");\n .help()\n```\n\nLater on, `argv` can be retrieved with `yargs.argv`.\n\n.implies(x, y)\n--------------\n\nGiven the key `x` is set, it is required that the key `y` is set.\n\nOptionally `.implies()` can accept an object specifying multiple implications.\n\n.locale()\n---------\n\nReturn the locale that yargs is currently using.\n\nBy default, yargs will auto-detect the operating system's locale so that\nyargs-generated help content will display in the user's language.\n\nTo override this behavior with a static locale, pass the desired locale as a\nstring to this method (see below).\n\n.locale(locale)\n---------------\n\nOverride the auto-detected locale from the user's operating system with a static\nlocale. Note that the OS locale can be modified by setting/exporting the `LC_ALL`\nenvironment variable.\n\n```js\nvar argv = require('yargs')\n .usage('./$0 - follow ye instructions true')\n .option('option', {\n alias: 'o',\n describe: \"'tis a mighty fine option\",\n demand: true\n })\n .command('run', \"Arrr, ya best be knowin' what yer doin'\")\n .example('$0 run foo', \"shiver me timbers, here's an example for ye\")\n .help('help')\n .wrap(70)\n .locale('pirate')\n .argv\n```\n\n***\n\n```shell\n./test.js - follow ye instructions true\n\nChoose yer command:\n run Arrr, ya best be knowin' what yer doin'\n\nOptions for me hearties!\n --option, -o 'tis a mighty fine option [requi-yar-ed]\n --help Parlay this here code of conduct [boolean]\n\nEx. marks the spot:\n test.js run foo shiver me timbers, here's an example for ye\n\nYe be havin' to set the followin' argument land lubber: option\n```\n\nLocales currently supported:\n\n* **de:** German.\n* **en:** American English.\n* **es:** Spanish.\n* **fr:** French.\n* **id:** Indonesian.\n* **ja:** Japanese.\n* **ko:** Korean.\n* **nb:** Norwegian Bokmål.\n* **pirate:** American Pirate.\n* **pt:** Portuguese.\n* **pt_BR:** Brazilian Portuguese.\n* **tr:** Turkish.\n* **zh:** Chinese.\n\nTo submit a new translation for yargs:\n\n1. use `./locales/en.json` as a starting point.\n2. submit a pull request with the new locale file.\n\n*The [Microsoft Terminology Search](http://www.microsoft.com/Language/en-US/Search.aspx) can be useful for finding the correct terminology in your locale.*\n\n.nargs(key, count)\n-----------\n\nThe number of arguments that should be consumed after a key. This can be a\nuseful hint to prevent parsing ambiguity. For example:\n\n```js\nvar argv = require('yargs')\n .nargs('token', 1)\n .parse(['--token', '-my-token']);\n```\n\nparses as:\n\n`{ _: [], token: '-my-token', '$0': 'node test' }`\n\nOptionally `.nargs()` can take an object of `key`/`narg` pairs.\n\n.normalize(key)\n---------------\n\nThe key provided represents a path and should have `path.normalize()` applied.\n\n.option(key, opt)\n-----------------\n.options(key, opt)\n------------------\n\nInstead of chaining together `.alias().demand().default().describe().string()`, you can specify\nkeys in `opt` for each of the chainable methods.\n\nFor example:\n\n````javascript\nvar argv = require('yargs')\n .option('f', {\n alias: 'file',\n demand: true,\n default: '/etc/passwd',\n describe: 'x marks the spot',\n type: 'string'\n })\n .argv\n;\n````\n\nis the same as\n\n````javascript\nvar argv = require('yargs')\n .alias('f', 'file')\n .demand('f')\n .default('f', '/etc/passwd')\n .describe('f', 'x marks the spot')\n .string('f')\n .argv\n;\n````\n\nOptionally `.options()` can take an object that maps keys to `opt` parameters.\n\n````javascript\nvar argv = require('yargs')\n .options({\n 'f': {\n alias: 'file',\n demand: true,\n default: '/etc/passwd',\n describe: 'x marks the spot',\n type: 'string'\n }\n })\n .argv\n;\n````\n\nValid `opt` keys include:\n\n- `alias`: string or array of strings, alias(es) for the canonical option key, see [`alias()`](#alias)\n- `array`: boolean, interpret option as an array, see [`array()`](#array)\n- `boolean`: boolean, interpret option as a boolean flag, see [`boolean()`](#boolean)\n- `choices`: value or array of values, limit valid option arguments to a predefined set, see [`choices()`](#choices)\n- `config`: boolean, interpret option as a path to a JSON config file, see [`config()`](#config)\n- `configParser`: function, provide a custom config parsing function, see [`config()`](#config)\n- `count`: boolean, interpret option as a count of boolean flags, see [`count()`](#count)\n- `default`: value, set a default value for the option, see [`default()`](#default)\n- `defaultDescription`: string, use this description for the default value in help content, see [`default()`](#default)\n- `demand`/`require`/`required`: boolean or string, demand the option be given, with optional error message, see [`demand()`](#demand)\n- `desc`/`describe`/`description`: string, the option description for help content, see [`describe()`](#describe)\n- `global`: boolean, indicate that this key should not be [reset](#reset) when a command is invoked, see [`global()`](#global)\n- `group`: string, when displaying usage instructions place the option under an alternative group heading, see [`group()`](#group)\n- `nargs`: number, specify how many arguments should be consumed for the option, see [`nargs()`](#nargs)\n- `normalize`: The option should be normalized, see [`normalize()`](#normalize)\n- `requiresArg`: boolean, require the option be specified with a value, see [`requiresArg()`](#requiresArg)\n- `string`: boolean, interpret option as a string, see [`string()`](#string)\n- `number`: number, keys are treated as numbers, [`number()`](#number)\n- `type`: one of the following strings\n - `'array'`: synonymous for `array: true`, see [`array()`](#array)\n - `'boolean'`: synonymous for `boolean: true`, see [`boolean()`](#boolean)\n - `'count'`: synonymous for `count: true`, see [`count()`](#count)\n - `'string'`: synonymous for `string: true`, see [`string()`](#string)\n - `'number'`: synonymous for `number: true`, see [`number()`](#number)\n\n.parse(args)\n------------\n\nParse `args` instead of `process.argv`. Returns the `argv` object.\n\n`args` may either be a pre-processed argv array, or a raw argument string.\n\n.pkgConf(key, [cwd])\n------------\n\nSimilar to [`config()`](#config), indicates that yargs should read\ndefault argument values from the specified key in package.json.\n\n`cwd` can optionally be provided, the package.json will be read\nfrom this location.\n\n.require(key, [msg | boolean])\n------------------------------\n.required(key, [msg | boolean])\n------------------------------\n\nAn alias for [`demand()`](#demand). See docs there.\n\n.requiresArg(key)\n-----------------\n\nSpecifies either a single option key (string), or an array of options that\nmust be followed by option values. If any option value is missing, show the\nusage information and exit.\n\nThe default behavior is to set the value of any key not followed by an\noption value to `true`.\n\n.reset()\n--------\n\nReset the argument object built up so far. This is useful for\ncreating nested command line interfaces. Use [global](#global)\nto specify keys that should not be reset.\n\n```js\nvar yargs = require('yargs')\n .usage('$0 command')\n .command('hello', 'hello command')\n .command('world', 'world command')\n .demand(1, 'must provide a valid command'),\n argv = yargs.argv,\n command = argv._[0];\n\nif (command === 'hello') {\n yargs.reset()\n .usage('$0 hello')\n .help('h')\n .example('$0 hello', 'print the hello message!')\n .argv\n\n console.log('hello!');\n} else if (command === 'world'){\n yargs.reset()\n .usage('$0 world')\n .help('h')\n .example('$0 world', 'print the world message!')\n .argv\n\n console.log('world!');\n} else {\n yargs.showHelp();\n}\n```\n\n.showCompletionScript()\n----------------------\n\nGenerate a bash completion script. Users of your application can install this\nscript in their `.bashrc`, and yargs will provide completion shortcuts for\ncommands and options.\n\n.showHelp(consoleLevel='error')\n---------------------------\n\nPrint the usage data using the [`console`](https://nodejs.org/api/console.html) function `consoleLevel` for printing.\n\nExample:\n\n```js\nvar yargs = require(\"yargs\")\n .usage(\"$0 -operand1 number -operand2 number -operation [add|subtract]\");\nyargs.showHelp(); //prints to stderr using console.error()\n```\n\nOr, to print the usage data to `stdout` instead, you can specify the use of `console.log`:\n\n```js\nyargs.showHelp(\"log\"); //prints to stdout using console.log()\n```\n\nLater on, `argv` can be retrieved with `yargs.argv`.\n\n.showHelpOnFail(enable, [message])\n----------------------------------\n\nBy default, yargs outputs a usage string if any error is detected. Use the\n`.showHelpOnFail()` method to customize this behavior. If `enable` is `false`,\nthe usage string is not output. If the `message` parameter is present, this\nmessage is output after the error message.\n\nline_count.js:\n\n````javascript\n#!/usr/bin/env node\nvar argv = require('yargs')\n .usage('Count the lines in a file.\\nUsage: $0 -f ')\n .demand('f')\n .alias('f', 'file')\n .describe('f', 'Load a file')\n .string('f')\n .showHelpOnFail(false, 'Specify --help for available options')\n .help('help')\n .argv;\n\n// etc.\n````\n\n***\n\n```\n$ node line_count.js\nMissing argument value: f\n\nSpecify --help for available options\n```\n\n.strict()\n---------\n\nAny command-line argument given that is not demanded, or does not have a\ncorresponding description, will be reported as an error.\n\n.string(key)\n------------\n\nTell the parser logic not to interpret `key` as a number or boolean.\nThis can be useful if you need to preserve leading zeros in an input.\n\nIf `key` is an array, interpret all the elements as strings.\n\n`.string('_')` will result in non-hyphenated arguments being interpreted as strings,\nregardless of whether they resemble numbers.\n\n.number([key])\n------------\nSpecify options with a numeric argument.\n\nIf an argument is not provided with the option, will return `undefined`.\n\nIf a non-numeric argument is provided, will return a `NaN`.\n\n```js\nvar argv = require('yargs')\n .number(['n'])\n .argv\n```\n\n.updateLocale(obj)\n------------------\n.updateStrings(obj)\n------------------\n\nOverride the default strings used by yargs with the key/value\npairs provided in `obj`:\n\n```js\nvar argv = require('yargs')\n .command('run', 'the run command')\n .help('help')\n .updateStrings({\n 'Commands:': 'My Commands -->\\n'\n })\n .wrap(null)\n .argv\n```\n\n***\n\n```shell\nMy Commands -->\n\n run the run command\n\nOptions:\n --help Show help [boolean]\n```\n\nIf you explicitly specify a `locale()`, you should do so *before* calling\n`updateStrings()`.\n\n.usage(message, [opts])\n---------------------\n\nSet a usage message to show which commands to use. Inside `message`, the string\n`$0` will get interpolated to the current script name or node command for the\npresent script similar to how `$0` works in bash or perl.\n\n`opts` is optional and acts like calling `.options(opts)`.\n\n.version([option], [description], [version])\n----------------------------------------\n\nAdd an option (e.g. `--version`) that displays the version number (given by the\n`version` parameter) and exits the process.\n\nIf no arguments are passed to `version` (`.version()`), yargs will parse the `package.json`\nof your module and use its `version` value. The default value of `option` is `--version`.\n\nYou can provide a `function` for version, rather than a string.\nThis is useful if you want to use a version stored in a location other than package.json:\n\n```js\nvar argv = require('yargs')\n .version(function() {\n return require('../lib/version').version;\n })\n .argv;\n```\n\n.wrap(columns)\n--------------\n\nFormat usage output to wrap at `columns` many columns.\n\nBy default wrap will be set to `Math.min(80, windowWidth)`. Use `.wrap(null)` to\nspecify no column limit (no right-align). Use `.wrap(yargs.terminalWidth())` to\nmaximize the width of yargs' usage instructions.\n\nparsing tricks\n==============\n\nstop parsing\n------------\n\nUse `--` to stop parsing flags and stuff the remainder into `argv._`.\n\n $ node examples/reflect.js -a 1 -b 2 -- -c 3 -d 4\n { _: [ '-c', '3', '-d', '4' ],\n a: 1,\n b: 2,\n '$0': 'examples/reflect.js' }\n\nnegate fields\n-------------\n\nIf you want to explicitly set a field to false instead of just leaving it\nundefined or to override a default you can do `--no-key`.\n\n $ node examples/reflect.js -a --no-b\n { _: [], a: true, b: false, '$0': 'examples/reflect.js' }\n\nnumbers\n-------\n\nEvery argument that looks like a number (`!isNaN(Number(arg))`) is converted to\none. This way you can just `net.createConnection(argv.port)` and you can add\nnumbers out of `argv` with `+` without having that mean concatenation,\nwhich is super frustrating.\n\nduplicates\n----------\n\nIf you specify a flag multiple times it will get turned into an array containing\nall the values in order.\n\n $ node examples/reflect.js -x 5 -x 8 -x 0\n { _: [], x: [ 5, 8, 0 ], '$0': 'examples/reflect.js' }\n\ndot notation\n------------\n\nWhen you use dots (`.`s) in argument names, an implicit object path is assumed.\nThis lets you organize arguments into nested objects.\n\n $ node examples/reflect.js --foo.bar.baz=33 --foo.quux=5\n { _: [],\n foo: { bar: { baz: 33 }, quux: 5 },\n '$0': 'examples/reflect.js' }\n\nshort numbers\n-------------\n\nShort numeric `-n5` style arguments work too:\n\n $ node examples/reflect.js -n123 -m456\n { _: [], n: 123, m: 456, '$0': 'examples/reflect.js' }\n\ninstallation\n============\n\nWith [npm](https://github.com/npm/npm), just do:\n\n npm install yargs\n\nor clone this project on github:\n\n git clone http://github.com/bcoe/yargs.git\n\nTo run the tests with npm, just do:\n\n npm test\n\nconfiguration\n=============\n\nUsing the `yargs` stanza in your `package.json` you can turn on and off\nsome of yargs' parsing features:\n\n```json\n{\n \"yargs\": {\n \"short-option-groups\": true,\n \"camel-case-expansion\": true,\n \"dot-notation\": true,\n \"parse-numbers\": true,\n \"boolean-negation\": true\n }\n}\n```\n\nSee the [yargs-parser](https://github.com/yargs/yargs-parser#configuration) module\nfor detailed documentation of this feature.\n\ninspired by\n===========\n\nThis module is loosely inspired by Perl's\n[Getopt::Casual](http://search.cpan.org/~photo/Getopt-Casual-0.13.1/Casual.pm).\n\n[travis-url]: https://travis-ci.org/bcoe/yargs\n[travis-image]: https://img.shields.io/travis/bcoe/yargs.svg\n[gemnasium-url]: https://gemnasium.com/bcoe/yargs\n[gemnasium-image]: https://img.shields.io/gemnasium/bcoe/yargs.svg\n[coveralls-url]: https://coveralls.io/github/bcoe/yargs\n[coveralls-image]: https://img.shields.io/coveralls/bcoe/yargs.svg\n[npm-url]: https://www.npmjs.com/package/yargs\n[npm-image]: https://img.shields.io/npm/v/yargs.svg\n[windows-url]: https://ci.appveyor.com/project/bcoe/yargs\n[windows-image]: https://img.shields.io/appveyor/ci/bcoe/yargs/master.svg?label=Windows%20Tests\n[standard-image]: https://img.shields.io/badge/code%20style-standard-brightgreen.svg\n[standard-url]: http://standardjs.com/\n", + "readmeFilename": "README.md", + "_dependencies": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\yargs", + "error": "[Circular]", + "extraneous": false + } + }, + "deprecated": false, + "description": "Generates bundledDependencies package.json value using values of the dependencies property.", + "devDependencies": { + "pragmatist": "^3.0.9" + }, + "homepage": "https://github.com/gajus/bundle-dependencies#readme", + "keywords": [ + "npm", + "bundle", + "dependencies" + ], + "license": "BSD-3-Clause", + "main": "./dist/index.js", + "name": "bundle-dependencies", + "repository": { + "type": "git", + "url": "git+https://github.com/gajus/bundle-dependencies.git" + }, + "scripts": { + "build": "npm run pragmatist build", + "lint": "npm run pragmatist lint", + "pragmatist": "pragmatist --es5", + "test": "", + "watch": "npm run pragmatist watch", + "watch-build": "npm run pragmatist watch-build", + "watch-lint": "npm run pragmatist watch-lint", + "watch-test": "" + }, + "version": "1.0.2", + "readme": "# bundle-dependencies\n\n[![NPM version](http://img.shields.io/npm/v/bundle-dependencies.svg?style=flat-square)](https://www.npmjs.org/package/bundle-dependencies)\n[![Travis build status](http://img.shields.io/travis/gajus/bundle-dependencies/master.svg?style=flat-square)](https://travis-ci.org/gajus/bundle-dependencies)\n[![js-canonical-style](https://img.shields.io/badge/code%20style-canonical-blue.svg?style=flat-square)](https://github.com/gajus/canonical)\n\nGenerates [`bundledDependencies`](https://docs.npmjs.com/files/package.json#bundleddependencies) `package.json` value using values of the dependencies property. Updates `package.json` definition using the generated `bundledDependencies` value.\n\n## Install\n\n```sh\nnpm install bundle-dependencies\n```\n\nAdd to `package.json`:\n\n```json\n{\n \"scripts\": {\n \"bundle-dependencies\": \"bundle-dependencies\"\n }\n}\n```\n\n## Options\n\n```sh\nbundle-dependencies --help\n```\n\n```\nCommands:\n list-bundled-dependencies Lists names of bundled dependencies.\n update Updates package.json bundledDependencies\n definition.\n\nOptions:\n --help Show help [boolean]\n```\n\n```sh\nbundle-dependencies update --help\n```\n\n```\nOptions:\n --help Show help [boolean]\n --exclude A space-separated list of dependencies not to include in the\n bundledDependencies definition. [array] [default: []]\n```\n\n## Usage\n\nTo simply update `bundledDependencies` of the `package.json` in the current working directory, execute the script:\n\n```sh\nnpm run bundle-dependencies update\n```\n\n## Publishing\n\nWhen publishing a package using `bundledDependencies` property, make sure that your `nodu_modules/` directory includes only bundled dependencies, i.e. the module must be install using `npm install --production [list of bundled dependencies]`. Use this script to do it:\n\n```json\n{\n \"bundle-publish\": \"npm run bundle-dependencies update; git commit -m 'Bundled dependencies.' ./package.json; git push; rm -fr ./node_modules; npm install --production $(bundle-dependencies list-bundled-dependencies); npm dedupe; npm prune; npm publish; npm install;\"\n}\n```\n", + "readmeFilename": "README.md", + "_args": [ + [ + "bundle-dependencies@1.0.2", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project" + ] + ], + "optionalDependencies": {}, + "_dependencies": { + "yargs": "^4.1.0" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies", + "error": "[Circular]", + "extraneous": false + } + }, + "readme": "ERROR: No README data found!", + "_id": "demo-bundled-deps@0.0.0", + "_shrinkwrap": { + "name": "demo-bundled-deps", + "version": "0.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "bundle-dependencies": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "requires": { + "yargs": "^4.1.0" + }, + "dependencies": { + "ansi-regex": { + "version": "2.0.0", + "bundled": true + }, + "builtin-modules": { + "version": "1.1.1", + "bundled": true + }, + "camelcase": { + "version": "2.1.0", + "bundled": true + }, + "cliui": { + "version": "3.1.0", + "bundled": true, + "requires": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + } + }, + "code-point-at": { + "version": "1.0.0", + "bundled": true, + "requires": { + "number-is-nan": "^1.0.0" + } + }, + "decamelize": { + "version": "1.1.2", + "bundled": true, + "requires": { + "escape-string-regexp": "^1.0.4" + } + }, + "error-ex": { + "version": "1.3.0", + "bundled": true, + "requires": { + "is-arrayish": "^0.2.1" + } + }, + "escape-string-regexp": { + "version": "1.0.5", + "bundled": true + }, + "find-up": { + "version": "1.1.0", + "bundled": true, + "requires": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + } + }, + "graceful-fs": { + "version": "4.1.3", + "bundled": true + }, + "hosted-git-info": { + "version": "2.1.4", + "bundled": true + }, + "invert-kv": { + "version": "1.0.0", + "bundled": true + }, + "is-arrayish": { + "version": "0.2.1", + "bundled": true + }, + "is-builtin-module": { + "version": "1.0.0", + "bundled": true, + "requires": { + "builtin-modules": "^1.0.0" + } + }, + "is-fullwidth-code-point": { + "version": "1.0.0", + "bundled": true, + "requires": { + "number-is-nan": "^1.0.0" + } + }, + "is-utf8": { + "version": "0.2.1", + "bundled": true + }, + "lcid": { + "version": "1.0.0", + "bundled": true, + "requires": { + "invert-kv": "^1.0.0" + } + }, + "load-json-file": { + "version": "1.1.0", + "bundled": true, + "requires": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + } + }, + "lodash.assign": { + "version": "4.0.3", + "bundled": true, + "requires": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + } + }, + "lodash.keys": { + "version": "4.0.3", + "bundled": true + }, + "lodash.rest": { + "version": "4.0.1", + "bundled": true + }, + "normalize-package-data": { + "version": "2.3.5", + "bundled": true, + "requires": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + } + }, + "number-is-nan": { + "version": "1.0.0", + "bundled": true + }, + "object-assign": { + "version": "4.0.1", + "bundled": true + }, + "os-locale": { + "version": "1.4.0", + "bundled": true, + "requires": { + "lcid": "^1.0.0" + } + }, + "parse-json": { + "version": "2.2.0", + "bundled": true, + "requires": { + "error-ex": "^1.2.0" + } + }, + "path-exists": { + "version": "2.1.0", + "bundled": true, + "requires": { + "pinkie-promise": "^2.0.0" + } + }, + "path-type": { + "version": "1.1.0", + "bundled": true, + "requires": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + } + }, + "pify": { + "version": "2.3.0", + "bundled": true + }, + "pinkie": { + "version": "2.0.4", + "bundled": true + }, + "pinkie-promise": { + "version": "2.0.0", + "bundled": true, + "requires": { + "pinkie": "^2.0.0" + } + }, + "pkg-conf": { + "version": "1.1.1", + "bundled": true, + "requires": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + } + }, + "read-pkg": { + "version": "1.1.0", + "bundled": true, + "requires": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + } + }, + "read-pkg-up": { + "version": "1.0.1", + "bundled": true, + "requires": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + } + }, + "require-main-filename": { + "version": "1.0.1", + "bundled": true + }, + "semver": { + "version": "5.1.0", + "bundled": true + }, + "spdx-correct": { + "version": "1.0.2", + "bundled": true, + "requires": { + "spdx-license-ids": "^1.0.2" + } + }, + "spdx-exceptions": { + "version": "1.0.4", + "bundled": true + }, + "spdx-expression-parse": { + "version": "1.0.2", + "bundled": true, + "requires": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + } + }, + "spdx-license-ids": { + "version": "1.2.0", + "bundled": true + }, + "string-width": { + "version": "1.0.1", + "bundled": true, + "requires": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + } + }, + "strip-ansi": { + "version": "3.0.1", + "bundled": true, + "requires": { + "ansi-regex": "^2.0.0" + } + }, + "strip-bom": { + "version": "2.0.0", + "bundled": true, + "requires": { + "is-utf8": "^0.2.0" + } + }, + "symbol": { + "version": "0.2.1", + "bundled": true + }, + "validate-npm-package-license": { + "version": "3.0.1", + "bundled": true, + "requires": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + } + }, + "window-size": { + "version": "0.2.0", + "bundled": true + }, + "wrap-ansi": { + "version": "1.0.0", + "bundled": true, + "requires": { + "string-width": "^1.0.1" + } + }, + "y18n": { + "version": "3.2.0", + "bundled": true + }, + "yargs": { + "version": "4.1.0", + "bundled": true, + "requires": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + } + }, + "yargs-parser": { + "version": "2.1.0", + "bundled": true, + "requires": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + } + } + } + } + } + }, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": { + "bundle-dependencies": "1.0.2" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "error": "[Circular]", + "extraneous": false +} diff --git a/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm7_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm7_node22_macos-latest.json new file mode 100644 index 00000000..98b049fb --- /dev/null +++ b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm7_node22_macos-latest.json @@ -0,0 +1,1096 @@ +{ + "version": "0.0.0", + "name": "demo-bundled-deps", + "private": true, + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "license": "Apache-2.0", + "_id": "demo-bundled-deps@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "_dependencies": { + "bundle-dependencies": "1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "bundle-dependencies": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "name": "bundle-dependencies", + "integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "bundleDependencies": [ + "yargs" + ], + "bin": { + "bundle-dependencies": "dist/bin/index.js" + }, + "_id": "bundle-dependencies@1.0.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies", + "_dependencies": { + "yargs": "^4.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "yargs": { + "version": "4.1.0", + "name": "yargs", + "inBundle": true, + "license": "MIT", + "_id": "yargs@4.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs", + "_dependencies": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "cliui": { + "version": "3.1.0", + "name": "cliui", + "inBundle": true, + "license": "ISC", + "_id": "cliui@3.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/cliui", + "_dependencies": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-ansi": { + "version": "3.0.1", + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "ansi-regex": { + "version": "2.0.0", + "name": "ansi-regex", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "ansi-regex@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/ansi-regex", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "wrap-ansi": { + "version": "1.0.0", + "name": "wrap-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "wrap-ansi@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/wrap-ansi", + "_dependencies": { + "string-width": "^1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "decamelize": { + "version": "1.1.2", + "name": "decamelize", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "decamelize@1.1.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/decamelize", + "_dependencies": { + "escape-string-regexp": "^1.0.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "escape-string-regexp": { + "version": "1.0.5", + "name": "escape-string-regexp", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.8.0" + }, + "_id": "escape-string-regexp@1.0.5", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/escape-string-regexp", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "os-locale": { + "version": "1.4.0", + "name": "os-locale", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "os-locale@1.4.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/os-locale", + "_dependencies": { + "lcid": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lcid": { + "version": "1.0.0", + "name": "lcid", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "lcid@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lcid", + "_dependencies": { + "invert-kv": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "invert-kv": { + "version": "1.0.0", + "name": "invert-kv", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "invert-kv@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/invert-kv", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pkg-conf": { + "version": "1.1.1", + "name": "pkg-conf", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pkg-conf@1.1.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pkg-conf", + "_dependencies": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "path-exists": { + "version": "2.1.0", + "name": "path-exists", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-exists@2.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-exists", + "_dependencies": { + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie": { + "version": "2.0.4", + "name": "pinkie", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie@2.0.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "object-assign": { + "version": "4.0.1", + "name": "object-assign", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "object-assign@4.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/object-assign", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "load-json-file": { + "version": "1.1.0", + "name": "load-json-file", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "load-json-file@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/load-json-file", + "_dependencies": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "parse-json": { + "version": "2.2.0", + "name": "parse-json", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "parse-json@2.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/parse-json", + "_dependencies": { + "error-ex": "^1.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "error-ex": { + "version": "1.3.0", + "name": "error-ex", + "inBundle": true, + "license": "MIT", + "_id": "error-ex@1.3.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/error-ex", + "_dependencies": { + "is-arrayish": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-arrayish": { + "version": "0.2.1", + "name": "is-arrayish", + "inBundle": true, + "license": "MIT", + "_id": "is-arrayish@0.2.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-arrayish", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pify": { + "version": "2.3.0", + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-bom": { + "version": "2.0.0", + "name": "strip-bom", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-bom@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-bom", + "_dependencies": { + "is-utf8": "^0.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-utf8": { + "version": "0.2.1", + "name": "is-utf8", + "inBundle": true, + "license": "MIT", + "_id": "is-utf8@0.2.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-utf8", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "normalize-package-data": { + "version": "2.3.5", + "name": "normalize-package-data", + "inBundle": true, + "license": "BSD-2-Clause", + "_id": "normalize-package-data@2.3.5", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/normalize-package-data", + "_dependencies": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "hosted-git-info": { + "version": "2.1.4", + "name": "hosted-git-info", + "inBundle": true, + "license": "ISC", + "_id": "hosted-git-info@2.1.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/hosted-git-info", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "is-builtin-module": { + "version": "1.0.0", + "name": "is-builtin-module", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-builtin-module@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-builtin-module", + "_dependencies": { + "builtin-modules": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "builtin-modules": { + "version": "1.1.1", + "name": "builtin-modules", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "builtin-modules@1.1.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/builtin-modules", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "semver": { + "version": "5.1.0", + "name": "semver", + "inBundle": true, + "license": "ISC", + "bin": { + "semver": "bin/semver" + }, + "_id": "semver@5.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/semver", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "validate-npm-package-license": { + "version": "3.0.1", + "name": "validate-npm-package-license", + "inBundle": true, + "license": "Apache-2.0", + "_id": "validate-npm-package-license@3.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/validate-npm-package-license", + "_dependencies": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-correct": { + "version": "1.0.2", + "name": "spdx-correct", + "inBundle": true, + "license": "Apache-2.0", + "_id": "spdx-correct@1.0.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-correct", + "_dependencies": { + "spdx-license-ids": "^1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-license-ids": { + "version": "1.2.0", + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "spdx-expression-parse": { + "version": "1.0.2", + "name": "spdx-expression-parse", + "inBundle": true, + "license": "(MIT AND CC-BY-3.0)", + "_id": "spdx-expression-parse@1.0.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-expression-parse", + "_dependencies": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-exceptions": { + "version": "1.0.4", + "name": "spdx-exceptions", + "inBundle": true, + "license": "CC-BY-3.0", + "_id": "spdx-exceptions@1.0.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-exceptions", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "spdx-license-ids": { + "version": "1.2.0", + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + }, + "path-type": { + "version": "1.1.0", + "name": "path-type", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-type@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-type", + "_dependencies": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pify": { + "version": "2.3.0", + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "symbol": { + "version": "0.2.1", + "name": "symbol", + "inBundle": true, + "license": "MPLv2.0", + "_id": "symbol@0.2.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/symbol", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "read-pkg-up": { + "version": "1.0.1", + "name": "read-pkg-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg-up@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg-up", + "_dependencies": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "require-main-filename": { + "version": "1.0.1", + "name": "require-main-filename", + "inBundle": true, + "license": "ISC", + "_id": "require-main-filename@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/require-main-filename", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "code-point-at": { + "version": "1.0.0", + "name": "code-point-at", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "code-point-at@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/code-point-at", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "is-fullwidth-code-point": { + "version": "1.0.0", + "name": "is-fullwidth-code-point", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-fullwidth-code-point@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "strip-ansi": { + "version": "3.0.1", + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "window-size": { + "version": "0.2.0", + "name": "window-size", + "inBundle": true, + "license": "MIT", + "bin": { + "window-size": "cli.js" + }, + "engines": { + "node": ">= 0.10.0" + }, + "_id": "window-size@0.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/window-size", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "y18n": { + "version": "3.2.0", + "name": "y18n", + "inBundle": true, + "license": "ISC", + "_id": "y18n@3.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/y18n", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "yargs-parser": { + "version": "2.1.0", + "name": "yargs-parser", + "inBundle": true, + "license": "ISC", + "_id": "yargs-parser@2.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs-parser", + "_dependencies": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.assign": { + "version": "4.0.3", + "name": "lodash.assign", + "inBundle": true, + "license": "MIT", + "_id": "lodash.assign@4.0.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.assign", + "_dependencies": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lodash.keys": { + "version": "4.0.3", + "name": "lodash.keys", + "inBundle": true, + "license": "MIT", + "_id": "lodash.keys@4.0.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.keys", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.rest": { + "version": "4.0.1", + "name": "lodash.rest", + "inBundle": true, + "license": "MIT", + "_id": "lodash.rest@4.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.rest", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm7_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm7_node22_ubuntu-latest.json new file mode 100644 index 00000000..884056a0 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm7_node22_ubuntu-latest.json @@ -0,0 +1,1096 @@ +{ + "version": "0.0.0", + "name": "demo-bundled-deps", + "private": true, + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "license": "Apache-2.0", + "_id": "demo-bundled-deps@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "_dependencies": { + "bundle-dependencies": "1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "bundle-dependencies": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "name": "bundle-dependencies", + "integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "bundleDependencies": [ + "yargs" + ], + "bin": { + "bundle-dependencies": "dist/bin/index.js" + }, + "_id": "bundle-dependencies@1.0.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies", + "_dependencies": { + "yargs": "^4.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "yargs": { + "version": "4.1.0", + "name": "yargs", + "inBundle": true, + "license": "MIT", + "_id": "yargs@4.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs", + "_dependencies": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "cliui": { + "version": "3.1.0", + "name": "cliui", + "inBundle": true, + "license": "ISC", + "_id": "cliui@3.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/cliui", + "_dependencies": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-ansi": { + "version": "3.0.1", + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "ansi-regex": { + "version": "2.0.0", + "name": "ansi-regex", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "ansi-regex@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/ansi-regex", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "wrap-ansi": { + "version": "1.0.0", + "name": "wrap-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "wrap-ansi@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/wrap-ansi", + "_dependencies": { + "string-width": "^1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "decamelize": { + "version": "1.1.2", + "name": "decamelize", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "decamelize@1.1.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/decamelize", + "_dependencies": { + "escape-string-regexp": "^1.0.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "escape-string-regexp": { + "version": "1.0.5", + "name": "escape-string-regexp", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.8.0" + }, + "_id": "escape-string-regexp@1.0.5", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/escape-string-regexp", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "os-locale": { + "version": "1.4.0", + "name": "os-locale", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "os-locale@1.4.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/os-locale", + "_dependencies": { + "lcid": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lcid": { + "version": "1.0.0", + "name": "lcid", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "lcid@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lcid", + "_dependencies": { + "invert-kv": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "invert-kv": { + "version": "1.0.0", + "name": "invert-kv", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "invert-kv@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/invert-kv", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pkg-conf": { + "version": "1.1.1", + "name": "pkg-conf", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pkg-conf@1.1.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pkg-conf", + "_dependencies": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "path-exists": { + "version": "2.1.0", + "name": "path-exists", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-exists@2.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-exists", + "_dependencies": { + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie": { + "version": "2.0.4", + "name": "pinkie", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie@2.0.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "object-assign": { + "version": "4.0.1", + "name": "object-assign", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "object-assign@4.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/object-assign", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "load-json-file": { + "version": "1.1.0", + "name": "load-json-file", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "load-json-file@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/load-json-file", + "_dependencies": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "parse-json": { + "version": "2.2.0", + "name": "parse-json", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "parse-json@2.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/parse-json", + "_dependencies": { + "error-ex": "^1.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "error-ex": { + "version": "1.3.0", + "name": "error-ex", + "inBundle": true, + "license": "MIT", + "_id": "error-ex@1.3.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/error-ex", + "_dependencies": { + "is-arrayish": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-arrayish": { + "version": "0.2.1", + "name": "is-arrayish", + "inBundle": true, + "license": "MIT", + "_id": "is-arrayish@0.2.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-arrayish", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pify": { + "version": "2.3.0", + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-bom": { + "version": "2.0.0", + "name": "strip-bom", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-bom@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-bom", + "_dependencies": { + "is-utf8": "^0.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-utf8": { + "version": "0.2.1", + "name": "is-utf8", + "inBundle": true, + "license": "MIT", + "_id": "is-utf8@0.2.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-utf8", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "normalize-package-data": { + "version": "2.3.5", + "name": "normalize-package-data", + "inBundle": true, + "license": "BSD-2-Clause", + "_id": "normalize-package-data@2.3.5", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/normalize-package-data", + "_dependencies": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "hosted-git-info": { + "version": "2.1.4", + "name": "hosted-git-info", + "inBundle": true, + "license": "ISC", + "_id": "hosted-git-info@2.1.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/hosted-git-info", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "is-builtin-module": { + "version": "1.0.0", + "name": "is-builtin-module", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-builtin-module@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-builtin-module", + "_dependencies": { + "builtin-modules": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "builtin-modules": { + "version": "1.1.1", + "name": "builtin-modules", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "builtin-modules@1.1.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/builtin-modules", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "semver": { + "version": "5.1.0", + "name": "semver", + "inBundle": true, + "license": "ISC", + "bin": { + "semver": "bin/semver" + }, + "_id": "semver@5.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/semver", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "validate-npm-package-license": { + "version": "3.0.1", + "name": "validate-npm-package-license", + "inBundle": true, + "license": "Apache-2.0", + "_id": "validate-npm-package-license@3.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/validate-npm-package-license", + "_dependencies": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-correct": { + "version": "1.0.2", + "name": "spdx-correct", + "inBundle": true, + "license": "Apache-2.0", + "_id": "spdx-correct@1.0.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-correct", + "_dependencies": { + "spdx-license-ids": "^1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-license-ids": { + "version": "1.2.0", + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "spdx-expression-parse": { + "version": "1.0.2", + "name": "spdx-expression-parse", + "inBundle": true, + "license": "(MIT AND CC-BY-3.0)", + "_id": "spdx-expression-parse@1.0.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-expression-parse", + "_dependencies": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-exceptions": { + "version": "1.0.4", + "name": "spdx-exceptions", + "inBundle": true, + "license": "CC-BY-3.0", + "_id": "spdx-exceptions@1.0.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-exceptions", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "spdx-license-ids": { + "version": "1.2.0", + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + }, + "path-type": { + "version": "1.1.0", + "name": "path-type", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-type@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-type", + "_dependencies": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pify": { + "version": "2.3.0", + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "symbol": { + "version": "0.2.1", + "name": "symbol", + "inBundle": true, + "license": "MPLv2.0", + "_id": "symbol@0.2.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/symbol", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "read-pkg-up": { + "version": "1.0.1", + "name": "read-pkg-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg-up@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg-up", + "_dependencies": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "require-main-filename": { + "version": "1.0.1", + "name": "require-main-filename", + "inBundle": true, + "license": "ISC", + "_id": "require-main-filename@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/require-main-filename", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "code-point-at": { + "version": "1.0.0", + "name": "code-point-at", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "code-point-at@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/code-point-at", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "is-fullwidth-code-point": { + "version": "1.0.0", + "name": "is-fullwidth-code-point", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-fullwidth-code-point@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "strip-ansi": { + "version": "3.0.1", + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "window-size": { + "version": "0.2.0", + "name": "window-size", + "inBundle": true, + "license": "MIT", + "bin": { + "window-size": "cli.js" + }, + "engines": { + "node": ">= 0.10.0" + }, + "_id": "window-size@0.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/window-size", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "y18n": { + "version": "3.2.0", + "name": "y18n", + "inBundle": true, + "license": "ISC", + "_id": "y18n@3.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/y18n", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "yargs-parser": { + "version": "2.1.0", + "name": "yargs-parser", + "inBundle": true, + "license": "ISC", + "_id": "yargs-parser@2.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs-parser", + "_dependencies": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.assign": { + "version": "4.0.3", + "name": "lodash.assign", + "inBundle": true, + "license": "MIT", + "_id": "lodash.assign@4.0.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.assign", + "_dependencies": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lodash.keys": { + "version": "4.0.3", + "name": "lodash.keys", + "inBundle": true, + "license": "MIT", + "_id": "lodash.keys@4.0.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.keys", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.rest": { + "version": "4.0.1", + "name": "lodash.rest", + "inBundle": true, + "license": "MIT", + "_id": "lodash.rest@4.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.rest", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm7_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm7_node22_windows-latest.json new file mode 100644 index 00000000..7714ccec --- /dev/null +++ b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm7_node22_windows-latest.json @@ -0,0 +1,1096 @@ +{ + "version": "0.0.0", + "name": "demo-bundled-deps", + "private": true, + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "license": "Apache-2.0", + "_id": "demo-bundled-deps@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "_dependencies": { + "bundle-dependencies": "1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "bundle-dependencies": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "name": "bundle-dependencies", + "integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "bundleDependencies": [ + "yargs" + ], + "bin": { + "bundle-dependencies": "dist/bin/index.js" + }, + "_id": "bundle-dependencies@1.0.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies", + "_dependencies": { + "yargs": "^4.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "yargs": { + "version": "4.1.0", + "name": "yargs", + "inBundle": true, + "license": "MIT", + "_id": "yargs@4.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\yargs", + "_dependencies": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "cliui": { + "version": "3.1.0", + "name": "cliui", + "inBundle": true, + "license": "ISC", + "_id": "cliui@3.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\cliui", + "_dependencies": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-ansi": { + "version": "3.0.1", + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "ansi-regex": { + "version": "2.0.0", + "name": "ansi-regex", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "ansi-regex@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\ansi-regex", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "wrap-ansi": { + "version": "1.0.0", + "name": "wrap-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "wrap-ansi@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\wrap-ansi", + "_dependencies": { + "string-width": "^1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "decamelize": { + "version": "1.1.2", + "name": "decamelize", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "decamelize@1.1.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\decamelize", + "_dependencies": { + "escape-string-regexp": "^1.0.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "escape-string-regexp": { + "version": "1.0.5", + "name": "escape-string-regexp", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.8.0" + }, + "_id": "escape-string-regexp@1.0.5", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\escape-string-regexp", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "os-locale": { + "version": "1.4.0", + "name": "os-locale", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "os-locale@1.4.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\os-locale", + "_dependencies": { + "lcid": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lcid": { + "version": "1.0.0", + "name": "lcid", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "lcid@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lcid", + "_dependencies": { + "invert-kv": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "invert-kv": { + "version": "1.0.0", + "name": "invert-kv", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "invert-kv@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\invert-kv", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pkg-conf": { + "version": "1.1.1", + "name": "pkg-conf", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pkg-conf@1.1.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pkg-conf", + "_dependencies": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "path-exists": { + "version": "2.1.0", + "name": "path-exists", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-exists@2.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\path-exists", + "_dependencies": { + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie": { + "version": "2.0.4", + "name": "pinkie", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie@2.0.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "object-assign": { + "version": "4.0.1", + "name": "object-assign", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "object-assign@4.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\object-assign", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "load-json-file": { + "version": "1.1.0", + "name": "load-json-file", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "load-json-file@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\load-json-file", + "_dependencies": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "parse-json": { + "version": "2.2.0", + "name": "parse-json", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "parse-json@2.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\parse-json", + "_dependencies": { + "error-ex": "^1.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "error-ex": { + "version": "1.3.0", + "name": "error-ex", + "inBundle": true, + "license": "MIT", + "_id": "error-ex@1.3.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\error-ex", + "_dependencies": { + "is-arrayish": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-arrayish": { + "version": "0.2.1", + "name": "is-arrayish", + "inBundle": true, + "license": "MIT", + "_id": "is-arrayish@0.2.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-arrayish", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pify": { + "version": "2.3.0", + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-bom": { + "version": "2.0.0", + "name": "strip-bom", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-bom@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\strip-bom", + "_dependencies": { + "is-utf8": "^0.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-utf8": { + "version": "0.2.1", + "name": "is-utf8", + "inBundle": true, + "license": "MIT", + "_id": "is-utf8@0.2.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-utf8", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "normalize-package-data": { + "version": "2.3.5", + "name": "normalize-package-data", + "inBundle": true, + "license": "BSD-2-Clause", + "_id": "normalize-package-data@2.3.5", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\normalize-package-data", + "_dependencies": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "hosted-git-info": { + "version": "2.1.4", + "name": "hosted-git-info", + "inBundle": true, + "license": "ISC", + "_id": "hosted-git-info@2.1.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\hosted-git-info", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "is-builtin-module": { + "version": "1.0.0", + "name": "is-builtin-module", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-builtin-module@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-builtin-module", + "_dependencies": { + "builtin-modules": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "builtin-modules": { + "version": "1.1.1", + "name": "builtin-modules", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "builtin-modules@1.1.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\builtin-modules", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "semver": { + "version": "5.1.0", + "name": "semver", + "inBundle": true, + "license": "ISC", + "bin": { + "semver": "bin/semver" + }, + "_id": "semver@5.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\semver", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "validate-npm-package-license": { + "version": "3.0.1", + "name": "validate-npm-package-license", + "inBundle": true, + "license": "Apache-2.0", + "_id": "validate-npm-package-license@3.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\validate-npm-package-license", + "_dependencies": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-correct": { + "version": "1.0.2", + "name": "spdx-correct", + "inBundle": true, + "license": "Apache-2.0", + "_id": "spdx-correct@1.0.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-correct", + "_dependencies": { + "spdx-license-ids": "^1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-license-ids": { + "version": "1.2.0", + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "spdx-expression-parse": { + "version": "1.0.2", + "name": "spdx-expression-parse", + "inBundle": true, + "license": "(MIT AND CC-BY-3.0)", + "_id": "spdx-expression-parse@1.0.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-expression-parse", + "_dependencies": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-exceptions": { + "version": "1.0.4", + "name": "spdx-exceptions", + "inBundle": true, + "license": "CC-BY-3.0", + "_id": "spdx-exceptions@1.0.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-exceptions", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "spdx-license-ids": { + "version": "1.2.0", + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + }, + "path-type": { + "version": "1.1.0", + "name": "path-type", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-type@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\path-type", + "_dependencies": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pify": { + "version": "2.3.0", + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "symbol": { + "version": "0.2.1", + "name": "symbol", + "inBundle": true, + "license": "MPLv2.0", + "_id": "symbol@0.2.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\symbol", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "read-pkg-up": { + "version": "1.0.1", + "name": "read-pkg-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg-up@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\read-pkg-up", + "_dependencies": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "require-main-filename": { + "version": "1.0.1", + "name": "require-main-filename", + "inBundle": true, + "license": "ISC", + "_id": "require-main-filename@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\require-main-filename", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "code-point-at": { + "version": "1.0.0", + "name": "code-point-at", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "code-point-at@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\code-point-at", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "is-fullwidth-code-point": { + "version": "1.0.0", + "name": "is-fullwidth-code-point", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-fullwidth-code-point@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-fullwidth-code-point", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "strip-ansi": { + "version": "3.0.1", + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "window-size": { + "version": "0.2.0", + "name": "window-size", + "inBundle": true, + "license": "MIT", + "bin": { + "window-size": "cli.js" + }, + "engines": { + "node": ">= 0.10.0" + }, + "_id": "window-size@0.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\window-size", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "y18n": { + "version": "3.2.0", + "name": "y18n", + "inBundle": true, + "license": "ISC", + "_id": "y18n@3.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\y18n", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "yargs-parser": { + "version": "2.1.0", + "name": "yargs-parser", + "inBundle": true, + "license": "ISC", + "_id": "yargs-parser@2.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\yargs-parser", + "_dependencies": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.assign": { + "version": "4.0.3", + "name": "lodash.assign", + "inBundle": true, + "license": "MIT", + "_id": "lodash.assign@4.0.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lodash.assign", + "_dependencies": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lodash.keys": { + "version": "4.0.3", + "name": "lodash.keys", + "inBundle": true, + "license": "MIT", + "_id": "lodash.keys@4.0.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lodash.keys", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.rest": { + "version": "4.0.1", + "name": "lodash.rest", + "inBundle": true, + "license": "MIT", + "_id": "lodash.rest@4.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lodash.rest", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm8_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm8_node22_macos-latest.json new file mode 100644 index 00000000..b413223f --- /dev/null +++ b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm8_node22_macos-latest.json @@ -0,0 +1,1147 @@ +{ + "version": "0.0.0", + "name": "demo-bundled-deps", + "private": true, + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "license": "Apache-2.0", + "_id": "demo-bundled-deps@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "_dependencies": { + "bundle-dependencies": "1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "bundle-dependencies": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "overridden": false, + "name": "bundle-dependencies", + "integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "bundleDependencies": [ + "yargs" + ], + "bin": { + "bundle-dependencies": "dist/bin/index.js" + }, + "_id": "bundle-dependencies@1.0.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies", + "_dependencies": { + "yargs": "^4.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "yargs": { + "version": "4.1.0", + "overridden": false, + "name": "yargs", + "inBundle": true, + "license": "MIT", + "_id": "yargs@4.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs", + "_dependencies": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "overridden": false, + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "cliui": { + "version": "3.1.0", + "overridden": false, + "name": "cliui", + "inBundle": true, + "license": "ISC", + "_id": "cliui@3.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/cliui", + "_dependencies": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-ansi": { + "version": "3.0.1", + "overridden": false, + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "ansi-regex": { + "version": "2.0.0", + "overridden": false, + "name": "ansi-regex", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "ansi-regex@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/ansi-regex", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "wrap-ansi": { + "version": "1.0.0", + "overridden": false, + "name": "wrap-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "wrap-ansi@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/wrap-ansi", + "_dependencies": { + "string-width": "^1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "decamelize": { + "version": "1.1.2", + "overridden": false, + "name": "decamelize", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "decamelize@1.1.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/decamelize", + "_dependencies": { + "escape-string-regexp": "^1.0.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "escape-string-regexp": { + "version": "1.0.5", + "overridden": false, + "name": "escape-string-regexp", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.8.0" + }, + "_id": "escape-string-regexp@1.0.5", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/escape-string-regexp", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "os-locale": { + "version": "1.4.0", + "overridden": false, + "name": "os-locale", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "os-locale@1.4.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/os-locale", + "_dependencies": { + "lcid": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lcid": { + "version": "1.0.0", + "overridden": false, + "name": "lcid", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "lcid@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lcid", + "_dependencies": { + "invert-kv": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "invert-kv": { + "version": "1.0.0", + "overridden": false, + "name": "invert-kv", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "invert-kv@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/invert-kv", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pkg-conf": { + "version": "1.1.1", + "overridden": false, + "name": "pkg-conf", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pkg-conf@1.1.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pkg-conf", + "_dependencies": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "overridden": false, + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "path-exists": { + "version": "2.1.0", + "overridden": false, + "name": "path-exists", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-exists@2.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-exists", + "_dependencies": { + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "pinkie-promise": { + "version": "2.0.0", + "overridden": false, + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie": { + "version": "2.0.4", + "overridden": false, + "name": "pinkie", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie@2.0.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "object-assign": { + "version": "4.0.1", + "overridden": false, + "name": "object-assign", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "object-assign@4.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/object-assign", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "overridden": false, + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "load-json-file": { + "version": "1.1.0", + "overridden": false, + "name": "load-json-file", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "load-json-file@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/load-json-file", + "_dependencies": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "overridden": false, + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "parse-json": { + "version": "2.2.0", + "overridden": false, + "name": "parse-json", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "parse-json@2.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/parse-json", + "_dependencies": { + "error-ex": "^1.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "error-ex": { + "version": "1.3.0", + "overridden": false, + "name": "error-ex", + "inBundle": true, + "license": "MIT", + "_id": "error-ex@1.3.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/error-ex", + "_dependencies": { + "is-arrayish": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-arrayish": { + "version": "0.2.1", + "overridden": false, + "name": "is-arrayish", + "inBundle": true, + "license": "MIT", + "_id": "is-arrayish@0.2.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-arrayish", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pify": { + "version": "2.3.0", + "overridden": false, + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-bom": { + "version": "2.0.0", + "overridden": false, + "name": "strip-bom", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-bom@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-bom", + "_dependencies": { + "is-utf8": "^0.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-utf8": { + "version": "0.2.1", + "overridden": false, + "name": "is-utf8", + "inBundle": true, + "license": "MIT", + "_id": "is-utf8@0.2.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-utf8", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "normalize-package-data": { + "version": "2.3.5", + "overridden": false, + "name": "normalize-package-data", + "inBundle": true, + "license": "BSD-2-Clause", + "_id": "normalize-package-data@2.3.5", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/normalize-package-data", + "_dependencies": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "hosted-git-info": { + "version": "2.1.4", + "overridden": false, + "name": "hosted-git-info", + "inBundle": true, + "license": "ISC", + "_id": "hosted-git-info@2.1.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/hosted-git-info", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "is-builtin-module": { + "version": "1.0.0", + "overridden": false, + "name": "is-builtin-module", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-builtin-module@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-builtin-module", + "_dependencies": { + "builtin-modules": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "builtin-modules": { + "version": "1.1.1", + "overridden": false, + "name": "builtin-modules", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "builtin-modules@1.1.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/builtin-modules", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "semver": { + "version": "5.1.0", + "overridden": false, + "name": "semver", + "inBundle": true, + "license": "ISC", + "bin": { + "semver": "bin/semver" + }, + "_id": "semver@5.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/semver", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "validate-npm-package-license": { + "version": "3.0.1", + "overridden": false, + "name": "validate-npm-package-license", + "inBundle": true, + "license": "Apache-2.0", + "_id": "validate-npm-package-license@3.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/validate-npm-package-license", + "_dependencies": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-correct": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-correct", + "inBundle": true, + "license": "Apache-2.0", + "_id": "spdx-correct@1.0.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-correct", + "_dependencies": { + "spdx-license-ids": "^1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-license-ids": { + "version": "1.2.0", + "overridden": false, + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "spdx-expression-parse": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-expression-parse", + "inBundle": true, + "license": "(MIT AND CC-BY-3.0)", + "_id": "spdx-expression-parse@1.0.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-expression-parse", + "_dependencies": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-exceptions": { + "version": "1.0.4", + "overridden": false, + "name": "spdx-exceptions", + "inBundle": true, + "license": "CC-BY-3.0", + "_id": "spdx-exceptions@1.0.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-exceptions", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "spdx-license-ids": { + "version": "1.2.0", + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + }, + "path-type": { + "version": "1.1.0", + "overridden": false, + "name": "path-type", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-type@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-type", + "_dependencies": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pify": { + "version": "2.3.0", + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "symbol": { + "version": "0.2.1", + "overridden": false, + "name": "symbol", + "inBundle": true, + "license": "MPLv2.0", + "_id": "symbol@0.2.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/symbol", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "read-pkg-up": { + "version": "1.0.1", + "overridden": false, + "name": "read-pkg-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg-up@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg-up", + "_dependencies": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "require-main-filename": { + "version": "1.0.1", + "overridden": false, + "name": "require-main-filename", + "inBundle": true, + "license": "ISC", + "_id": "require-main-filename@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/require-main-filename", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "string-width": { + "version": "1.0.1", + "overridden": false, + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "code-point-at": { + "version": "1.0.0", + "overridden": false, + "name": "code-point-at", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "code-point-at@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/code-point-at", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "overridden": false, + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "is-fullwidth-code-point": { + "version": "1.0.0", + "overridden": false, + "name": "is-fullwidth-code-point", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-fullwidth-code-point@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "strip-ansi": { + "version": "3.0.1", + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "window-size": { + "version": "0.2.0", + "overridden": false, + "name": "window-size", + "inBundle": true, + "license": "MIT", + "bin": { + "window-size": "cli.js" + }, + "engines": { + "node": ">= 0.10.0" + }, + "_id": "window-size@0.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/window-size", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "y18n": { + "version": "3.2.0", + "overridden": false, + "name": "y18n", + "inBundle": true, + "license": "ISC", + "_id": "y18n@3.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/y18n", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "yargs-parser": { + "version": "2.1.0", + "overridden": false, + "name": "yargs-parser", + "inBundle": true, + "license": "ISC", + "_id": "yargs-parser@2.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs-parser", + "_dependencies": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.assign": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.assign", + "inBundle": true, + "license": "MIT", + "_id": "lodash.assign@4.0.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.assign", + "_dependencies": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lodash.keys": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.keys", + "inBundle": true, + "license": "MIT", + "_id": "lodash.keys@4.0.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.keys", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.rest": { + "version": "4.0.1", + "overridden": false, + "name": "lodash.rest", + "inBundle": true, + "license": "MIT", + "_id": "lodash.rest@4.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.rest", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm8_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm8_node22_ubuntu-latest.json new file mode 100644 index 00000000..5aa837af --- /dev/null +++ b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm8_node22_ubuntu-latest.json @@ -0,0 +1,1147 @@ +{ + "version": "0.0.0", + "name": "demo-bundled-deps", + "private": true, + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "license": "Apache-2.0", + "_id": "demo-bundled-deps@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "_dependencies": { + "bundle-dependencies": "1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "bundle-dependencies": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "overridden": false, + "name": "bundle-dependencies", + "integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "bundleDependencies": [ + "yargs" + ], + "bin": { + "bundle-dependencies": "dist/bin/index.js" + }, + "_id": "bundle-dependencies@1.0.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies", + "_dependencies": { + "yargs": "^4.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "yargs": { + "version": "4.1.0", + "overridden": false, + "name": "yargs", + "inBundle": true, + "license": "MIT", + "_id": "yargs@4.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs", + "_dependencies": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "overridden": false, + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "cliui": { + "version": "3.1.0", + "overridden": false, + "name": "cliui", + "inBundle": true, + "license": "ISC", + "_id": "cliui@3.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/cliui", + "_dependencies": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-ansi": { + "version": "3.0.1", + "overridden": false, + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "ansi-regex": { + "version": "2.0.0", + "overridden": false, + "name": "ansi-regex", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "ansi-regex@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/ansi-regex", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "wrap-ansi": { + "version": "1.0.0", + "overridden": false, + "name": "wrap-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "wrap-ansi@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/wrap-ansi", + "_dependencies": { + "string-width": "^1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "decamelize": { + "version": "1.1.2", + "overridden": false, + "name": "decamelize", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "decamelize@1.1.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/decamelize", + "_dependencies": { + "escape-string-regexp": "^1.0.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "escape-string-regexp": { + "version": "1.0.5", + "overridden": false, + "name": "escape-string-regexp", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.8.0" + }, + "_id": "escape-string-regexp@1.0.5", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/escape-string-regexp", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "os-locale": { + "version": "1.4.0", + "overridden": false, + "name": "os-locale", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "os-locale@1.4.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/os-locale", + "_dependencies": { + "lcid": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lcid": { + "version": "1.0.0", + "overridden": false, + "name": "lcid", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "lcid@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lcid", + "_dependencies": { + "invert-kv": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "invert-kv": { + "version": "1.0.0", + "overridden": false, + "name": "invert-kv", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "invert-kv@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/invert-kv", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pkg-conf": { + "version": "1.1.1", + "overridden": false, + "name": "pkg-conf", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pkg-conf@1.1.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pkg-conf", + "_dependencies": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "overridden": false, + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "path-exists": { + "version": "2.1.0", + "overridden": false, + "name": "path-exists", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-exists@2.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-exists", + "_dependencies": { + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "pinkie-promise": { + "version": "2.0.0", + "overridden": false, + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie": { + "version": "2.0.4", + "overridden": false, + "name": "pinkie", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie@2.0.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "object-assign": { + "version": "4.0.1", + "overridden": false, + "name": "object-assign", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "object-assign@4.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/object-assign", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "overridden": false, + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "load-json-file": { + "version": "1.1.0", + "overridden": false, + "name": "load-json-file", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "load-json-file@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/load-json-file", + "_dependencies": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "overridden": false, + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "parse-json": { + "version": "2.2.0", + "overridden": false, + "name": "parse-json", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "parse-json@2.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/parse-json", + "_dependencies": { + "error-ex": "^1.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "error-ex": { + "version": "1.3.0", + "overridden": false, + "name": "error-ex", + "inBundle": true, + "license": "MIT", + "_id": "error-ex@1.3.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/error-ex", + "_dependencies": { + "is-arrayish": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-arrayish": { + "version": "0.2.1", + "overridden": false, + "name": "is-arrayish", + "inBundle": true, + "license": "MIT", + "_id": "is-arrayish@0.2.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-arrayish", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pify": { + "version": "2.3.0", + "overridden": false, + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-bom": { + "version": "2.0.0", + "overridden": false, + "name": "strip-bom", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-bom@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-bom", + "_dependencies": { + "is-utf8": "^0.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-utf8": { + "version": "0.2.1", + "overridden": false, + "name": "is-utf8", + "inBundle": true, + "license": "MIT", + "_id": "is-utf8@0.2.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-utf8", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "normalize-package-data": { + "version": "2.3.5", + "overridden": false, + "name": "normalize-package-data", + "inBundle": true, + "license": "BSD-2-Clause", + "_id": "normalize-package-data@2.3.5", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/normalize-package-data", + "_dependencies": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "hosted-git-info": { + "version": "2.1.4", + "overridden": false, + "name": "hosted-git-info", + "inBundle": true, + "license": "ISC", + "_id": "hosted-git-info@2.1.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/hosted-git-info", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "is-builtin-module": { + "version": "1.0.0", + "overridden": false, + "name": "is-builtin-module", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-builtin-module@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-builtin-module", + "_dependencies": { + "builtin-modules": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "builtin-modules": { + "version": "1.1.1", + "overridden": false, + "name": "builtin-modules", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "builtin-modules@1.1.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/builtin-modules", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "semver": { + "version": "5.1.0", + "overridden": false, + "name": "semver", + "inBundle": true, + "license": "ISC", + "bin": { + "semver": "bin/semver" + }, + "_id": "semver@5.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/semver", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "validate-npm-package-license": { + "version": "3.0.1", + "overridden": false, + "name": "validate-npm-package-license", + "inBundle": true, + "license": "Apache-2.0", + "_id": "validate-npm-package-license@3.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/validate-npm-package-license", + "_dependencies": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-correct": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-correct", + "inBundle": true, + "license": "Apache-2.0", + "_id": "spdx-correct@1.0.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-correct", + "_dependencies": { + "spdx-license-ids": "^1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-license-ids": { + "version": "1.2.0", + "overridden": false, + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "spdx-expression-parse": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-expression-parse", + "inBundle": true, + "license": "(MIT AND CC-BY-3.0)", + "_id": "spdx-expression-parse@1.0.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-expression-parse", + "_dependencies": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-exceptions": { + "version": "1.0.4", + "overridden": false, + "name": "spdx-exceptions", + "inBundle": true, + "license": "CC-BY-3.0", + "_id": "spdx-exceptions@1.0.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-exceptions", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "spdx-license-ids": { + "version": "1.2.0", + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + }, + "path-type": { + "version": "1.1.0", + "overridden": false, + "name": "path-type", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-type@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-type", + "_dependencies": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pify": { + "version": "2.3.0", + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "symbol": { + "version": "0.2.1", + "overridden": false, + "name": "symbol", + "inBundle": true, + "license": "MPLv2.0", + "_id": "symbol@0.2.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/symbol", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "read-pkg-up": { + "version": "1.0.1", + "overridden": false, + "name": "read-pkg-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg-up@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg-up", + "_dependencies": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "require-main-filename": { + "version": "1.0.1", + "overridden": false, + "name": "require-main-filename", + "inBundle": true, + "license": "ISC", + "_id": "require-main-filename@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/require-main-filename", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "string-width": { + "version": "1.0.1", + "overridden": false, + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "code-point-at": { + "version": "1.0.0", + "overridden": false, + "name": "code-point-at", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "code-point-at@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/code-point-at", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "overridden": false, + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "is-fullwidth-code-point": { + "version": "1.0.0", + "overridden": false, + "name": "is-fullwidth-code-point", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-fullwidth-code-point@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "strip-ansi": { + "version": "3.0.1", + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "window-size": { + "version": "0.2.0", + "overridden": false, + "name": "window-size", + "inBundle": true, + "license": "MIT", + "bin": { + "window-size": "cli.js" + }, + "engines": { + "node": ">= 0.10.0" + }, + "_id": "window-size@0.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/window-size", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "y18n": { + "version": "3.2.0", + "overridden": false, + "name": "y18n", + "inBundle": true, + "license": "ISC", + "_id": "y18n@3.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/y18n", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "yargs-parser": { + "version": "2.1.0", + "overridden": false, + "name": "yargs-parser", + "inBundle": true, + "license": "ISC", + "_id": "yargs-parser@2.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs-parser", + "_dependencies": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.assign": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.assign", + "inBundle": true, + "license": "MIT", + "_id": "lodash.assign@4.0.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.assign", + "_dependencies": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lodash.keys": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.keys", + "inBundle": true, + "license": "MIT", + "_id": "lodash.keys@4.0.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.keys", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.rest": { + "version": "4.0.1", + "overridden": false, + "name": "lodash.rest", + "inBundle": true, + "license": "MIT", + "_id": "lodash.rest@4.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.rest", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm8_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm8_node22_windows-latest.json new file mode 100644 index 00000000..9ffc70d7 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm8_node22_windows-latest.json @@ -0,0 +1,1147 @@ +{ + "version": "0.0.0", + "name": "demo-bundled-deps", + "private": true, + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "license": "Apache-2.0", + "_id": "demo-bundled-deps@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "_dependencies": { + "bundle-dependencies": "1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "bundle-dependencies": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "overridden": false, + "name": "bundle-dependencies", + "integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "bundleDependencies": [ + "yargs" + ], + "bin": { + "bundle-dependencies": "dist/bin/index.js" + }, + "_id": "bundle-dependencies@1.0.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies", + "_dependencies": { + "yargs": "^4.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "yargs": { + "version": "4.1.0", + "overridden": false, + "name": "yargs", + "inBundle": true, + "license": "MIT", + "_id": "yargs@4.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\yargs", + "_dependencies": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "overridden": false, + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "cliui": { + "version": "3.1.0", + "overridden": false, + "name": "cliui", + "inBundle": true, + "license": "ISC", + "_id": "cliui@3.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\cliui", + "_dependencies": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-ansi": { + "version": "3.0.1", + "overridden": false, + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "ansi-regex": { + "version": "2.0.0", + "overridden": false, + "name": "ansi-regex", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "ansi-regex@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\ansi-regex", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "wrap-ansi": { + "version": "1.0.0", + "overridden": false, + "name": "wrap-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "wrap-ansi@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\wrap-ansi", + "_dependencies": { + "string-width": "^1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "decamelize": { + "version": "1.1.2", + "overridden": false, + "name": "decamelize", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "decamelize@1.1.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\decamelize", + "_dependencies": { + "escape-string-regexp": "^1.0.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "escape-string-regexp": { + "version": "1.0.5", + "overridden": false, + "name": "escape-string-regexp", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.8.0" + }, + "_id": "escape-string-regexp@1.0.5", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\escape-string-regexp", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "os-locale": { + "version": "1.4.0", + "overridden": false, + "name": "os-locale", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "os-locale@1.4.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\os-locale", + "_dependencies": { + "lcid": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lcid": { + "version": "1.0.0", + "overridden": false, + "name": "lcid", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "lcid@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lcid", + "_dependencies": { + "invert-kv": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "invert-kv": { + "version": "1.0.0", + "overridden": false, + "name": "invert-kv", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "invert-kv@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\invert-kv", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pkg-conf": { + "version": "1.1.1", + "overridden": false, + "name": "pkg-conf", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pkg-conf@1.1.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pkg-conf", + "_dependencies": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "overridden": false, + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "path-exists": { + "version": "2.1.0", + "overridden": false, + "name": "path-exists", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-exists@2.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\path-exists", + "_dependencies": { + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "pinkie-promise": { + "version": "2.0.0", + "overridden": false, + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie": { + "version": "2.0.4", + "overridden": false, + "name": "pinkie", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie@2.0.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "object-assign": { + "version": "4.0.1", + "overridden": false, + "name": "object-assign", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "object-assign@4.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\object-assign", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "overridden": false, + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "load-json-file": { + "version": "1.1.0", + "overridden": false, + "name": "load-json-file", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "load-json-file@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\load-json-file", + "_dependencies": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "overridden": false, + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "parse-json": { + "version": "2.2.0", + "overridden": false, + "name": "parse-json", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "parse-json@2.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\parse-json", + "_dependencies": { + "error-ex": "^1.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "error-ex": { + "version": "1.3.0", + "overridden": false, + "name": "error-ex", + "inBundle": true, + "license": "MIT", + "_id": "error-ex@1.3.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\error-ex", + "_dependencies": { + "is-arrayish": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-arrayish": { + "version": "0.2.1", + "overridden": false, + "name": "is-arrayish", + "inBundle": true, + "license": "MIT", + "_id": "is-arrayish@0.2.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-arrayish", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pify": { + "version": "2.3.0", + "overridden": false, + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-bom": { + "version": "2.0.0", + "overridden": false, + "name": "strip-bom", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-bom@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\strip-bom", + "_dependencies": { + "is-utf8": "^0.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-utf8": { + "version": "0.2.1", + "overridden": false, + "name": "is-utf8", + "inBundle": true, + "license": "MIT", + "_id": "is-utf8@0.2.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-utf8", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "normalize-package-data": { + "version": "2.3.5", + "overridden": false, + "name": "normalize-package-data", + "inBundle": true, + "license": "BSD-2-Clause", + "_id": "normalize-package-data@2.3.5", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\normalize-package-data", + "_dependencies": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "hosted-git-info": { + "version": "2.1.4", + "overridden": false, + "name": "hosted-git-info", + "inBundle": true, + "license": "ISC", + "_id": "hosted-git-info@2.1.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\hosted-git-info", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "is-builtin-module": { + "version": "1.0.0", + "overridden": false, + "name": "is-builtin-module", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-builtin-module@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-builtin-module", + "_dependencies": { + "builtin-modules": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "builtin-modules": { + "version": "1.1.1", + "overridden": false, + "name": "builtin-modules", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "builtin-modules@1.1.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\builtin-modules", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "semver": { + "version": "5.1.0", + "overridden": false, + "name": "semver", + "inBundle": true, + "license": "ISC", + "bin": { + "semver": "bin/semver" + }, + "_id": "semver@5.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\semver", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "validate-npm-package-license": { + "version": "3.0.1", + "overridden": false, + "name": "validate-npm-package-license", + "inBundle": true, + "license": "Apache-2.0", + "_id": "validate-npm-package-license@3.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\validate-npm-package-license", + "_dependencies": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-correct": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-correct", + "inBundle": true, + "license": "Apache-2.0", + "_id": "spdx-correct@1.0.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-correct", + "_dependencies": { + "spdx-license-ids": "^1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-license-ids": { + "version": "1.2.0", + "overridden": false, + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "spdx-expression-parse": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-expression-parse", + "inBundle": true, + "license": "(MIT AND CC-BY-3.0)", + "_id": "spdx-expression-parse@1.0.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-expression-parse", + "_dependencies": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-exceptions": { + "version": "1.0.4", + "overridden": false, + "name": "spdx-exceptions", + "inBundle": true, + "license": "CC-BY-3.0", + "_id": "spdx-exceptions@1.0.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-exceptions", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "spdx-license-ids": { + "version": "1.2.0", + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + }, + "path-type": { + "version": "1.1.0", + "overridden": false, + "name": "path-type", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-type@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\path-type", + "_dependencies": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pify": { + "version": "2.3.0", + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "symbol": { + "version": "0.2.1", + "overridden": false, + "name": "symbol", + "inBundle": true, + "license": "MPLv2.0", + "_id": "symbol@0.2.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\symbol", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "read-pkg-up": { + "version": "1.0.1", + "overridden": false, + "name": "read-pkg-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg-up@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\read-pkg-up", + "_dependencies": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "require-main-filename": { + "version": "1.0.1", + "overridden": false, + "name": "require-main-filename", + "inBundle": true, + "license": "ISC", + "_id": "require-main-filename@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\require-main-filename", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "string-width": { + "version": "1.0.1", + "overridden": false, + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "code-point-at": { + "version": "1.0.0", + "overridden": false, + "name": "code-point-at", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "code-point-at@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\code-point-at", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "overridden": false, + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "is-fullwidth-code-point": { + "version": "1.0.0", + "overridden": false, + "name": "is-fullwidth-code-point", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-fullwidth-code-point@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-fullwidth-code-point", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "strip-ansi": { + "version": "3.0.1", + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "window-size": { + "version": "0.2.0", + "overridden": false, + "name": "window-size", + "inBundle": true, + "license": "MIT", + "bin": { + "window-size": "cli.js" + }, + "engines": { + "node": ">= 0.10.0" + }, + "_id": "window-size@0.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\window-size", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "y18n": { + "version": "3.2.0", + "overridden": false, + "name": "y18n", + "inBundle": true, + "license": "ISC", + "_id": "y18n@3.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\y18n", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "yargs-parser": { + "version": "2.1.0", + "overridden": false, + "name": "yargs-parser", + "inBundle": true, + "license": "ISC", + "_id": "yargs-parser@2.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\yargs-parser", + "_dependencies": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.assign": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.assign", + "inBundle": true, + "license": "MIT", + "_id": "lodash.assign@4.0.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lodash.assign", + "_dependencies": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lodash.keys": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.keys", + "inBundle": true, + "license": "MIT", + "_id": "lodash.keys@4.0.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lodash.keys", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.rest": { + "version": "4.0.1", + "overridden": false, + "name": "lodash.rest", + "inBundle": true, + "license": "MIT", + "_id": "lodash.rest@4.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lodash.rest", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm9_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm9_node22_macos-latest.json new file mode 100644 index 00000000..b413223f --- /dev/null +++ b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm9_node22_macos-latest.json @@ -0,0 +1,1147 @@ +{ + "version": "0.0.0", + "name": "demo-bundled-deps", + "private": true, + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "license": "Apache-2.0", + "_id": "demo-bundled-deps@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "_dependencies": { + "bundle-dependencies": "1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "bundle-dependencies": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "overridden": false, + "name": "bundle-dependencies", + "integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "bundleDependencies": [ + "yargs" + ], + "bin": { + "bundle-dependencies": "dist/bin/index.js" + }, + "_id": "bundle-dependencies@1.0.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies", + "_dependencies": { + "yargs": "^4.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "yargs": { + "version": "4.1.0", + "overridden": false, + "name": "yargs", + "inBundle": true, + "license": "MIT", + "_id": "yargs@4.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs", + "_dependencies": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "overridden": false, + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "cliui": { + "version": "3.1.0", + "overridden": false, + "name": "cliui", + "inBundle": true, + "license": "ISC", + "_id": "cliui@3.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/cliui", + "_dependencies": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-ansi": { + "version": "3.0.1", + "overridden": false, + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "ansi-regex": { + "version": "2.0.0", + "overridden": false, + "name": "ansi-regex", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "ansi-regex@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/ansi-regex", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "wrap-ansi": { + "version": "1.0.0", + "overridden": false, + "name": "wrap-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "wrap-ansi@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/wrap-ansi", + "_dependencies": { + "string-width": "^1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "decamelize": { + "version": "1.1.2", + "overridden": false, + "name": "decamelize", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "decamelize@1.1.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/decamelize", + "_dependencies": { + "escape-string-regexp": "^1.0.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "escape-string-regexp": { + "version": "1.0.5", + "overridden": false, + "name": "escape-string-regexp", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.8.0" + }, + "_id": "escape-string-regexp@1.0.5", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/escape-string-regexp", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "os-locale": { + "version": "1.4.0", + "overridden": false, + "name": "os-locale", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "os-locale@1.4.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/os-locale", + "_dependencies": { + "lcid": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lcid": { + "version": "1.0.0", + "overridden": false, + "name": "lcid", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "lcid@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lcid", + "_dependencies": { + "invert-kv": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "invert-kv": { + "version": "1.0.0", + "overridden": false, + "name": "invert-kv", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "invert-kv@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/invert-kv", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pkg-conf": { + "version": "1.1.1", + "overridden": false, + "name": "pkg-conf", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pkg-conf@1.1.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pkg-conf", + "_dependencies": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "overridden": false, + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "path-exists": { + "version": "2.1.0", + "overridden": false, + "name": "path-exists", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-exists@2.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-exists", + "_dependencies": { + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "pinkie-promise": { + "version": "2.0.0", + "overridden": false, + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie": { + "version": "2.0.4", + "overridden": false, + "name": "pinkie", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie@2.0.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "object-assign": { + "version": "4.0.1", + "overridden": false, + "name": "object-assign", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "object-assign@4.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/object-assign", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "overridden": false, + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "load-json-file": { + "version": "1.1.0", + "overridden": false, + "name": "load-json-file", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "load-json-file@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/load-json-file", + "_dependencies": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "overridden": false, + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "parse-json": { + "version": "2.2.0", + "overridden": false, + "name": "parse-json", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "parse-json@2.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/parse-json", + "_dependencies": { + "error-ex": "^1.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "error-ex": { + "version": "1.3.0", + "overridden": false, + "name": "error-ex", + "inBundle": true, + "license": "MIT", + "_id": "error-ex@1.3.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/error-ex", + "_dependencies": { + "is-arrayish": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-arrayish": { + "version": "0.2.1", + "overridden": false, + "name": "is-arrayish", + "inBundle": true, + "license": "MIT", + "_id": "is-arrayish@0.2.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-arrayish", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pify": { + "version": "2.3.0", + "overridden": false, + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-bom": { + "version": "2.0.0", + "overridden": false, + "name": "strip-bom", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-bom@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-bom", + "_dependencies": { + "is-utf8": "^0.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-utf8": { + "version": "0.2.1", + "overridden": false, + "name": "is-utf8", + "inBundle": true, + "license": "MIT", + "_id": "is-utf8@0.2.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-utf8", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "normalize-package-data": { + "version": "2.3.5", + "overridden": false, + "name": "normalize-package-data", + "inBundle": true, + "license": "BSD-2-Clause", + "_id": "normalize-package-data@2.3.5", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/normalize-package-data", + "_dependencies": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "hosted-git-info": { + "version": "2.1.4", + "overridden": false, + "name": "hosted-git-info", + "inBundle": true, + "license": "ISC", + "_id": "hosted-git-info@2.1.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/hosted-git-info", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "is-builtin-module": { + "version": "1.0.0", + "overridden": false, + "name": "is-builtin-module", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-builtin-module@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-builtin-module", + "_dependencies": { + "builtin-modules": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "builtin-modules": { + "version": "1.1.1", + "overridden": false, + "name": "builtin-modules", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "builtin-modules@1.1.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/builtin-modules", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "semver": { + "version": "5.1.0", + "overridden": false, + "name": "semver", + "inBundle": true, + "license": "ISC", + "bin": { + "semver": "bin/semver" + }, + "_id": "semver@5.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/semver", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "validate-npm-package-license": { + "version": "3.0.1", + "overridden": false, + "name": "validate-npm-package-license", + "inBundle": true, + "license": "Apache-2.0", + "_id": "validate-npm-package-license@3.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/validate-npm-package-license", + "_dependencies": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-correct": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-correct", + "inBundle": true, + "license": "Apache-2.0", + "_id": "spdx-correct@1.0.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-correct", + "_dependencies": { + "spdx-license-ids": "^1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-license-ids": { + "version": "1.2.0", + "overridden": false, + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "spdx-expression-parse": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-expression-parse", + "inBundle": true, + "license": "(MIT AND CC-BY-3.0)", + "_id": "spdx-expression-parse@1.0.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-expression-parse", + "_dependencies": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-exceptions": { + "version": "1.0.4", + "overridden": false, + "name": "spdx-exceptions", + "inBundle": true, + "license": "CC-BY-3.0", + "_id": "spdx-exceptions@1.0.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-exceptions", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "spdx-license-ids": { + "version": "1.2.0", + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + }, + "path-type": { + "version": "1.1.0", + "overridden": false, + "name": "path-type", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-type@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-type", + "_dependencies": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pify": { + "version": "2.3.0", + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "symbol": { + "version": "0.2.1", + "overridden": false, + "name": "symbol", + "inBundle": true, + "license": "MPLv2.0", + "_id": "symbol@0.2.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/symbol", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "read-pkg-up": { + "version": "1.0.1", + "overridden": false, + "name": "read-pkg-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg-up@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg-up", + "_dependencies": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "require-main-filename": { + "version": "1.0.1", + "overridden": false, + "name": "require-main-filename", + "inBundle": true, + "license": "ISC", + "_id": "require-main-filename@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/require-main-filename", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "string-width": { + "version": "1.0.1", + "overridden": false, + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "code-point-at": { + "version": "1.0.0", + "overridden": false, + "name": "code-point-at", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "code-point-at@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/code-point-at", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "overridden": false, + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "is-fullwidth-code-point": { + "version": "1.0.0", + "overridden": false, + "name": "is-fullwidth-code-point", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-fullwidth-code-point@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "strip-ansi": { + "version": "3.0.1", + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "window-size": { + "version": "0.2.0", + "overridden": false, + "name": "window-size", + "inBundle": true, + "license": "MIT", + "bin": { + "window-size": "cli.js" + }, + "engines": { + "node": ">= 0.10.0" + }, + "_id": "window-size@0.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/window-size", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "y18n": { + "version": "3.2.0", + "overridden": false, + "name": "y18n", + "inBundle": true, + "license": "ISC", + "_id": "y18n@3.2.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/y18n", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "yargs-parser": { + "version": "2.1.0", + "overridden": false, + "name": "yargs-parser", + "inBundle": true, + "license": "ISC", + "_id": "yargs-parser@2.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs-parser", + "_dependencies": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.assign": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.assign", + "inBundle": true, + "license": "MIT", + "_id": "lodash.assign@4.0.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.assign", + "_dependencies": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lodash.keys": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.keys", + "inBundle": true, + "license": "MIT", + "_id": "lodash.keys@4.0.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.keys", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.rest": { + "version": "4.0.1", + "overridden": false, + "name": "lodash.rest", + "inBundle": true, + "license": "MIT", + "_id": "lodash.rest@4.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.rest", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm9_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm9_node22_ubuntu-latest.json new file mode 100644 index 00000000..5aa837af --- /dev/null +++ b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm9_node22_ubuntu-latest.json @@ -0,0 +1,1147 @@ +{ + "version": "0.0.0", + "name": "demo-bundled-deps", + "private": true, + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "license": "Apache-2.0", + "_id": "demo-bundled-deps@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project", + "_dependencies": { + "bundle-dependencies": "1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "bundle-dependencies": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "overridden": false, + "name": "bundle-dependencies", + "integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "bundleDependencies": [ + "yargs" + ], + "bin": { + "bundle-dependencies": "dist/bin/index.js" + }, + "_id": "bundle-dependencies@1.0.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies", + "_dependencies": { + "yargs": "^4.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "yargs": { + "version": "4.1.0", + "overridden": false, + "name": "yargs", + "inBundle": true, + "license": "MIT", + "_id": "yargs@4.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs", + "_dependencies": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "overridden": false, + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "cliui": { + "version": "3.1.0", + "overridden": false, + "name": "cliui", + "inBundle": true, + "license": "ISC", + "_id": "cliui@3.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/cliui", + "_dependencies": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-ansi": { + "version": "3.0.1", + "overridden": false, + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "ansi-regex": { + "version": "2.0.0", + "overridden": false, + "name": "ansi-regex", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "ansi-regex@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/ansi-regex", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "wrap-ansi": { + "version": "1.0.0", + "overridden": false, + "name": "wrap-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "wrap-ansi@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/wrap-ansi", + "_dependencies": { + "string-width": "^1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "decamelize": { + "version": "1.1.2", + "overridden": false, + "name": "decamelize", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "decamelize@1.1.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/decamelize", + "_dependencies": { + "escape-string-regexp": "^1.0.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "escape-string-regexp": { + "version": "1.0.5", + "overridden": false, + "name": "escape-string-regexp", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.8.0" + }, + "_id": "escape-string-regexp@1.0.5", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/escape-string-regexp", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "os-locale": { + "version": "1.4.0", + "overridden": false, + "name": "os-locale", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "os-locale@1.4.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/os-locale", + "_dependencies": { + "lcid": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lcid": { + "version": "1.0.0", + "overridden": false, + "name": "lcid", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "lcid@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lcid", + "_dependencies": { + "invert-kv": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "invert-kv": { + "version": "1.0.0", + "overridden": false, + "name": "invert-kv", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "invert-kv@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/invert-kv", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pkg-conf": { + "version": "1.1.1", + "overridden": false, + "name": "pkg-conf", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pkg-conf@1.1.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pkg-conf", + "_dependencies": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "overridden": false, + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "path-exists": { + "version": "2.1.0", + "overridden": false, + "name": "path-exists", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-exists@2.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-exists", + "_dependencies": { + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "pinkie-promise": { + "version": "2.0.0", + "overridden": false, + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie": { + "version": "2.0.4", + "overridden": false, + "name": "pinkie", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie@2.0.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "object-assign": { + "version": "4.0.1", + "overridden": false, + "name": "object-assign", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "object-assign@4.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/object-assign", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "overridden": false, + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "load-json-file": { + "version": "1.1.0", + "overridden": false, + "name": "load-json-file", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "load-json-file@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/load-json-file", + "_dependencies": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "overridden": false, + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "parse-json": { + "version": "2.2.0", + "overridden": false, + "name": "parse-json", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "parse-json@2.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/parse-json", + "_dependencies": { + "error-ex": "^1.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "error-ex": { + "version": "1.3.0", + "overridden": false, + "name": "error-ex", + "inBundle": true, + "license": "MIT", + "_id": "error-ex@1.3.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/error-ex", + "_dependencies": { + "is-arrayish": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-arrayish": { + "version": "0.2.1", + "overridden": false, + "name": "is-arrayish", + "inBundle": true, + "license": "MIT", + "_id": "is-arrayish@0.2.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-arrayish", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pify": { + "version": "2.3.0", + "overridden": false, + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-bom": { + "version": "2.0.0", + "overridden": false, + "name": "strip-bom", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-bom@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-bom", + "_dependencies": { + "is-utf8": "^0.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-utf8": { + "version": "0.2.1", + "overridden": false, + "name": "is-utf8", + "inBundle": true, + "license": "MIT", + "_id": "is-utf8@0.2.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-utf8", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "normalize-package-data": { + "version": "2.3.5", + "overridden": false, + "name": "normalize-package-data", + "inBundle": true, + "license": "BSD-2-Clause", + "_id": "normalize-package-data@2.3.5", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/normalize-package-data", + "_dependencies": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "hosted-git-info": { + "version": "2.1.4", + "overridden": false, + "name": "hosted-git-info", + "inBundle": true, + "license": "ISC", + "_id": "hosted-git-info@2.1.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/hosted-git-info", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "is-builtin-module": { + "version": "1.0.0", + "overridden": false, + "name": "is-builtin-module", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-builtin-module@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-builtin-module", + "_dependencies": { + "builtin-modules": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "builtin-modules": { + "version": "1.1.1", + "overridden": false, + "name": "builtin-modules", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "builtin-modules@1.1.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/builtin-modules", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "semver": { + "version": "5.1.0", + "overridden": false, + "name": "semver", + "inBundle": true, + "license": "ISC", + "bin": { + "semver": "bin/semver" + }, + "_id": "semver@5.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/semver", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "validate-npm-package-license": { + "version": "3.0.1", + "overridden": false, + "name": "validate-npm-package-license", + "inBundle": true, + "license": "Apache-2.0", + "_id": "validate-npm-package-license@3.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/validate-npm-package-license", + "_dependencies": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-correct": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-correct", + "inBundle": true, + "license": "Apache-2.0", + "_id": "spdx-correct@1.0.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-correct", + "_dependencies": { + "spdx-license-ids": "^1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-license-ids": { + "version": "1.2.0", + "overridden": false, + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "spdx-expression-parse": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-expression-parse", + "inBundle": true, + "license": "(MIT AND CC-BY-3.0)", + "_id": "spdx-expression-parse@1.0.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-expression-parse", + "_dependencies": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-exceptions": { + "version": "1.0.4", + "overridden": false, + "name": "spdx-exceptions", + "inBundle": true, + "license": "CC-BY-3.0", + "_id": "spdx-exceptions@1.0.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-exceptions", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "spdx-license-ids": { + "version": "1.2.0", + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + }, + "path-type": { + "version": "1.1.0", + "overridden": false, + "name": "path-type", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-type@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/path-type", + "_dependencies": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pify": { + "version": "2.3.0", + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "symbol": { + "version": "0.2.1", + "overridden": false, + "name": "symbol", + "inBundle": true, + "license": "MPLv2.0", + "_id": "symbol@0.2.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/symbol", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "read-pkg-up": { + "version": "1.0.1", + "overridden": false, + "name": "read-pkg-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg-up@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg-up", + "_dependencies": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "require-main-filename": { + "version": "1.0.1", + "overridden": false, + "name": "require-main-filename", + "inBundle": true, + "license": "ISC", + "_id": "require-main-filename@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/require-main-filename", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "string-width": { + "version": "1.0.1", + "overridden": false, + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "code-point-at": { + "version": "1.0.0", + "overridden": false, + "name": "code-point-at", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "code-point-at@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/code-point-at", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "overridden": false, + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "is-fullwidth-code-point": { + "version": "1.0.0", + "overridden": false, + "name": "is-fullwidth-code-point", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-fullwidth-code-point@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "strip-ansi": { + "version": "3.0.1", + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "window-size": { + "version": "0.2.0", + "overridden": false, + "name": "window-size", + "inBundle": true, + "license": "MIT", + "bin": { + "window-size": "cli.js" + }, + "engines": { + "node": ">= 0.10.0" + }, + "_id": "window-size@0.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/window-size", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "y18n": { + "version": "3.2.0", + "overridden": false, + "name": "y18n", + "inBundle": true, + "license": "ISC", + "_id": "y18n@3.2.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/y18n", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "yargs-parser": { + "version": "2.1.0", + "overridden": false, + "name": "yargs-parser", + "inBundle": true, + "license": "ISC", + "_id": "yargs-parser@2.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/yargs-parser", + "_dependencies": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.assign": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.assign", + "inBundle": true, + "license": "MIT", + "_id": "lodash.assign@4.0.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.assign", + "_dependencies": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lodash.keys": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.keys", + "inBundle": true, + "license": "MIT", + "_id": "lodash.keys@4.0.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.keys", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.rest": { + "version": "4.0.1", + "overridden": false, + "name": "lodash.rest", + "inBundle": true, + "license": "MIT", + "_id": "lodash.rest@4.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/bundled-dependencies/project/node_modules/bundle-dependencies/node_modules/lodash.rest", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm9_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm9_node22_windows-latest.json new file mode 100644 index 00000000..9ffc70d7 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/bundled-dependencies/CI_results/npm-ls_npm9_node22_windows-latest.json @@ -0,0 +1,1147 @@ +{ + "version": "0.0.0", + "name": "demo-bundled-deps", + "private": true, + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "license": "Apache-2.0", + "_id": "demo-bundled-deps@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project", + "_dependencies": { + "bundle-dependencies": "1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "bundle-dependencies": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "overridden": false, + "name": "bundle-dependencies", + "integrity": "sha512-fM9Q9hJcX1ZYnyjveHTptFZqpLKDO2gdxRhuB8MNSYEQvC6kImDDH2038J/tHfcuV0JRGUj8n8axDY0AnFkXfA==", + "bundleDependencies": [ + "yargs" + ], + "bin": { + "bundle-dependencies": "dist/bin/index.js" + }, + "_id": "bundle-dependencies@1.0.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies", + "_dependencies": { + "yargs": "^4.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "yargs": { + "version": "4.1.0", + "overridden": false, + "name": "yargs", + "inBundle": true, + "license": "MIT", + "_id": "yargs@4.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\yargs", + "_dependencies": { + "camelcase": "^2.0.1", + "cliui": "^3.0.3", + "decamelize": "^1.1.1", + "os-locale": "^1.4.0", + "pkg-conf": "^1.1.1", + "read-pkg-up": "^1.0.1", + "require-main-filename": "^1.0.0", + "string-width": "^1.0.1", + "window-size": "^0.2.0", + "y18n": "^3.2.0", + "yargs-parser": "^2.1.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "overridden": false, + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "cliui": { + "version": "3.1.0", + "overridden": false, + "name": "cliui", + "inBundle": true, + "license": "ISC", + "_id": "cliui@3.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\cliui", + "_dependencies": { + "string-width": "^1.0.1", + "strip-ansi": "^3.0.0", + "wrap-ansi": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-ansi": { + "version": "3.0.1", + "overridden": false, + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "ansi-regex": { + "version": "2.0.0", + "overridden": false, + "name": "ansi-regex", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "ansi-regex@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\ansi-regex", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "wrap-ansi": { + "version": "1.0.0", + "overridden": false, + "name": "wrap-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "wrap-ansi@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\wrap-ansi", + "_dependencies": { + "string-width": "^1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "string-width": { + "version": "1.0.1", + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "decamelize": { + "version": "1.1.2", + "overridden": false, + "name": "decamelize", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "decamelize@1.1.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\decamelize", + "_dependencies": { + "escape-string-regexp": "^1.0.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "escape-string-regexp": { + "version": "1.0.5", + "overridden": false, + "name": "escape-string-regexp", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.8.0" + }, + "_id": "escape-string-regexp@1.0.5", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\escape-string-regexp", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "os-locale": { + "version": "1.4.0", + "overridden": false, + "name": "os-locale", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "os-locale@1.4.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\os-locale", + "_dependencies": { + "lcid": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lcid": { + "version": "1.0.0", + "overridden": false, + "name": "lcid", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "lcid@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lcid", + "_dependencies": { + "invert-kv": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "invert-kv": { + "version": "1.0.0", + "overridden": false, + "name": "invert-kv", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "invert-kv@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\invert-kv", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pkg-conf": { + "version": "1.1.1", + "overridden": false, + "name": "pkg-conf", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pkg-conf@1.1.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pkg-conf", + "_dependencies": { + "find-up": "^1.0.0", + "object-assign": "^4.0.1", + "read-pkg": "^1.0.0", + "symbol": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "overridden": false, + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "path-exists": { + "version": "2.1.0", + "overridden": false, + "name": "path-exists", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-exists@2.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\path-exists", + "_dependencies": { + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "pinkie-promise": { + "version": "2.0.0", + "overridden": false, + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "pinkie": { + "version": "2.0.4", + "overridden": false, + "name": "pinkie", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie@2.0.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "object-assign": { + "version": "4.0.1", + "overridden": false, + "name": "object-assign", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "object-assign@4.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\object-assign", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "overridden": false, + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "load-json-file": { + "version": "1.1.0", + "overridden": false, + "name": "load-json-file", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "load-json-file@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\load-json-file", + "_dependencies": { + "graceful-fs": "^4.1.2", + "parse-json": "^2.2.0", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "strip-bom": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "overridden": false, + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "parse-json": { + "version": "2.2.0", + "overridden": false, + "name": "parse-json", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "parse-json@2.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\parse-json", + "_dependencies": { + "error-ex": "^1.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "error-ex": { + "version": "1.3.0", + "overridden": false, + "name": "error-ex", + "inBundle": true, + "license": "MIT", + "_id": "error-ex@1.3.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\error-ex", + "_dependencies": { + "is-arrayish": "^0.2.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-arrayish": { + "version": "0.2.1", + "overridden": false, + "name": "is-arrayish", + "inBundle": true, + "license": "MIT", + "_id": "is-arrayish@0.2.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-arrayish", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "pify": { + "version": "2.3.0", + "overridden": false, + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "strip-bom": { + "version": "2.0.0", + "overridden": false, + "name": "strip-bom", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-bom@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\strip-bom", + "_dependencies": { + "is-utf8": "^0.2.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "is-utf8": { + "version": "0.2.1", + "overridden": false, + "name": "is-utf8", + "inBundle": true, + "license": "MIT", + "_id": "is-utf8@0.2.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-utf8", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "normalize-package-data": { + "version": "2.3.5", + "overridden": false, + "name": "normalize-package-data", + "inBundle": true, + "license": "BSD-2-Clause", + "_id": "normalize-package-data@2.3.5", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\normalize-package-data", + "_dependencies": { + "hosted-git-info": "^2.1.4", + "is-builtin-module": "^1.0.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "hosted-git-info": { + "version": "2.1.4", + "overridden": false, + "name": "hosted-git-info", + "inBundle": true, + "license": "ISC", + "_id": "hosted-git-info@2.1.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\hosted-git-info", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "is-builtin-module": { + "version": "1.0.0", + "overridden": false, + "name": "is-builtin-module", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-builtin-module@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-builtin-module", + "_dependencies": { + "builtin-modules": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "builtin-modules": { + "version": "1.1.1", + "overridden": false, + "name": "builtin-modules", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "builtin-modules@1.1.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\builtin-modules", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "semver": { + "version": "5.1.0", + "overridden": false, + "name": "semver", + "inBundle": true, + "license": "ISC", + "bin": { + "semver": "bin/semver" + }, + "_id": "semver@5.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\semver", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "validate-npm-package-license": { + "version": "3.0.1", + "overridden": false, + "name": "validate-npm-package-license", + "inBundle": true, + "license": "Apache-2.0", + "_id": "validate-npm-package-license@3.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\validate-npm-package-license", + "_dependencies": { + "spdx-correct": "~1.0.0", + "spdx-expression-parse": "~1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-correct": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-correct", + "inBundle": true, + "license": "Apache-2.0", + "_id": "spdx-correct@1.0.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-correct", + "_dependencies": { + "spdx-license-ids": "^1.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-license-ids": { + "version": "1.2.0", + "overridden": false, + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "spdx-expression-parse": { + "version": "1.0.2", + "overridden": false, + "name": "spdx-expression-parse", + "inBundle": true, + "license": "(MIT AND CC-BY-3.0)", + "_id": "spdx-expression-parse@1.0.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-expression-parse", + "_dependencies": { + "spdx-exceptions": "^1.0.4", + "spdx-license-ids": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "spdx-exceptions": { + "version": "1.0.4", + "overridden": false, + "name": "spdx-exceptions", + "inBundle": true, + "license": "CC-BY-3.0", + "_id": "spdx-exceptions@1.0.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-exceptions", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "spdx-license-ids": { + "version": "1.2.0", + "name": "spdx-license-ids", + "inBundle": true, + "license": "Unlicense", + "_id": "spdx-license-ids@1.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\spdx-license-ids", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + }, + "path-type": { + "version": "1.1.0", + "overridden": false, + "name": "path-type", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "path-type@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\path-type", + "_dependencies": { + "graceful-fs": "^4.1.2", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "graceful-fs": { + "version": "4.1.3", + "name": "graceful-fs", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">=0.4.0" + }, + "_id": "graceful-fs@4.1.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\graceful-fs", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pify": { + "version": "2.3.0", + "name": "pify", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pify@2.3.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pify", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "pinkie-promise": { + "version": "2.0.0", + "name": "pinkie-promise", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "pinkie-promise@2.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\pinkie-promise", + "_dependencies": { + "pinkie": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + }, + "symbol": { + "version": "0.2.1", + "overridden": false, + "name": "symbol", + "inBundle": true, + "license": "MPLv2.0", + "_id": "symbol@0.2.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\symbol", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "read-pkg-up": { + "version": "1.0.1", + "overridden": false, + "name": "read-pkg-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg-up@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\read-pkg-up", + "_dependencies": { + "find-up": "^1.0.0", + "read-pkg": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "find-up": { + "version": "1.1.0", + "name": "find-up", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "find-up@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\find-up", + "_dependencies": { + "path-exists": "^2.0.0", + "pinkie-promise": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "read-pkg": { + "version": "1.1.0", + "name": "read-pkg", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "read-pkg@1.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\read-pkg", + "_dependencies": { + "load-json-file": "^1.0.0", + "normalize-package-data": "^2.3.2", + "path-type": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "require-main-filename": { + "version": "1.0.1", + "overridden": false, + "name": "require-main-filename", + "inBundle": true, + "license": "ISC", + "_id": "require-main-filename@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\require-main-filename", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "string-width": { + "version": "1.0.1", + "overridden": false, + "name": "string-width", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "string-width@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\string-width", + "_dependencies": { + "code-point-at": "^1.0.0", + "is-fullwidth-code-point": "^1.0.0", + "strip-ansi": "^3.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "code-point-at": { + "version": "1.0.0", + "overridden": false, + "name": "code-point-at", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "code-point-at@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\code-point-at", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "overridden": false, + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "is-fullwidth-code-point": { + "version": "1.0.0", + "overridden": false, + "name": "is-fullwidth-code-point", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "is-fullwidth-code-point@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\is-fullwidth-code-point", + "_dependencies": { + "number-is-nan": "^1.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "number-is-nan": { + "version": "1.0.0", + "name": "number-is-nan", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "number-is-nan@1.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\number-is-nan", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "strip-ansi": { + "version": "3.0.1", + "name": "strip-ansi", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "strip-ansi@3.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\strip-ansi", + "_dependencies": { + "ansi-regex": "^2.0.0" + }, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "window-size": { + "version": "0.2.0", + "overridden": false, + "name": "window-size", + "inBundle": true, + "license": "MIT", + "bin": { + "window-size": "cli.js" + }, + "engines": { + "node": ">= 0.10.0" + }, + "_id": "window-size@0.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\window-size", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "y18n": { + "version": "3.2.0", + "overridden": false, + "name": "y18n", + "inBundle": true, + "license": "ISC", + "_id": "y18n@3.2.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\y18n", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "yargs-parser": { + "version": "2.1.0", + "overridden": false, + "name": "yargs-parser", + "inBundle": true, + "license": "ISC", + "_id": "yargs-parser@2.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\yargs-parser", + "_dependencies": { + "camelcase": "^2.1.0", + "lodash.assign": "^4.0.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "camelcase": { + "version": "2.1.0", + "name": "camelcase", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + }, + "_id": "camelcase@2.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\camelcase", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.assign": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.assign", + "inBundle": true, + "license": "MIT", + "_id": "lodash.assign@4.0.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lodash.assign", + "_dependencies": { + "lodash.keys": "^4.0.0", + "lodash.rest": "^4.0.0" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "lodash.keys": { + "version": "4.0.3", + "overridden": false, + "name": "lodash.keys", + "inBundle": true, + "license": "MIT", + "_id": "lodash.keys@4.0.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lodash.keys", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "lodash.rest": { + "version": "4.0.1", + "overridden": false, + "name": "lodash.rest", + "inBundle": true, + "license": "MIT", + "_id": "lodash.rest@4.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\bundled-dependencies\\project\\node_modules\\bundle-dependencies\\node_modules\\lodash.rest", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } + } + } + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm10_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm10_node22_macos-latest.json new file mode 100644 index 00000000..bfa2ff31 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm10_node22_macos-latest.json @@ -0,0 +1,135 @@ +{ + "version": "0.0.0", + "name": "demo-dev-dependencies", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "private": true, + "license": "Apache-2.0", + "optionalDependencies": { + "uuidv4": "^6.2.13" + }, + "devDependencies": { + "@types/node": ">=16", + "@types/uuid": "^8", + "uuid": "^8" + }, + "_id": "demo-dev-dependencies@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "_dependencies": { + "uuidv4": "^6.2.13" + }, + "peerDependencies": {}, + "dependencies": { + "@types/node": { + "version": "20.12.8", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "overridden": false, + "name": "@types/node", + "integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "dev": true, + "_id": "@types/node@20.12.8", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/node", + "_dependencies": { + "undici-types": "~5.26.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "undici-types": { + "version": "5.26.5", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "overridden": false, + "name": "undici-types", + "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "dev": true, + "_id": "undici-types@5.26.5", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/undici-types", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "@types/uuid": { + "version": "8.3.4", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "overridden": false, + "name": "@types/uuid", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "overridden": false, + "name": "uuid", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuidv4": { + "version": "6.2.13", + "resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "overridden": false, + "name": "uuidv4", + "integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "optional": true, + "_id": "uuidv4@6.2.13", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuidv4", + "_dependencies": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "@types/uuid": { + "version": "8.3.4", + "name": "@types/uuid", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "name": "uuid", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm10_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm10_node22_ubuntu-latest.json new file mode 100644 index 00000000..a85a2677 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm10_node22_ubuntu-latest.json @@ -0,0 +1,135 @@ +{ + "version": "0.0.0", + "name": "demo-dev-dependencies", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "private": true, + "license": "Apache-2.0", + "optionalDependencies": { + "uuidv4": "^6.2.13" + }, + "devDependencies": { + "@types/node": ">=16", + "@types/uuid": "^8", + "uuid": "^8" + }, + "_id": "demo-dev-dependencies@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "_dependencies": { + "uuidv4": "^6.2.13" + }, + "peerDependencies": {}, + "dependencies": { + "@types/node": { + "version": "20.12.8", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "overridden": false, + "name": "@types/node", + "integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "dev": true, + "_id": "@types/node@20.12.8", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/node", + "_dependencies": { + "undici-types": "~5.26.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "undici-types": { + "version": "5.26.5", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "overridden": false, + "name": "undici-types", + "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "dev": true, + "_id": "undici-types@5.26.5", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/undici-types", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "@types/uuid": { + "version": "8.3.4", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "overridden": false, + "name": "@types/uuid", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "overridden": false, + "name": "uuid", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuidv4": { + "version": "6.2.13", + "resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "overridden": false, + "name": "uuidv4", + "integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "optional": true, + "_id": "uuidv4@6.2.13", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuidv4", + "_dependencies": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "@types/uuid": { + "version": "8.3.4", + "name": "@types/uuid", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "name": "uuid", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm10_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm10_node22_windows-latest.json new file mode 100644 index 00000000..e1755a3e --- /dev/null +++ b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm10_node22_windows-latest.json @@ -0,0 +1,135 @@ +{ + "version": "0.0.0", + "name": "demo-dev-dependencies", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "private": true, + "license": "Apache-2.0", + "optionalDependencies": { + "uuidv4": "^6.2.13" + }, + "devDependencies": { + "@types/node": ">=16", + "@types/uuid": "^8", + "uuid": "^8" + }, + "_id": "demo-dev-dependencies@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project", + "_dependencies": { + "uuidv4": "^6.2.13" + }, + "peerDependencies": {}, + "dependencies": { + "@types/node": { + "version": "20.12.8", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "overridden": false, + "name": "@types/node", + "integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "dev": true, + "_id": "@types/node@20.12.8", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\@types\\node", + "_dependencies": { + "undici-types": "~5.26.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "undici-types": { + "version": "5.26.5", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "overridden": false, + "name": "undici-types", + "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "dev": true, + "_id": "undici-types@5.26.5", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\undici-types", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "@types/uuid": { + "version": "8.3.4", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "overridden": false, + "name": "@types/uuid", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\@types\\uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "overridden": false, + "name": "uuid", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuidv4": { + "version": "6.2.13", + "resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "overridden": false, + "name": "uuidv4", + "integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "optional": true, + "_id": "uuidv4@6.2.13", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\uuidv4", + "_dependencies": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "@types/uuid": { + "version": "8.3.4", + "name": "@types/uuid", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\@types\\uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "name": "uuid", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm6_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm6_node22_macos-latest.json new file mode 100644 index 00000000..561381ab --- /dev/null +++ b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm6_node22_macos-latest.json @@ -0,0 +1,839 @@ +{ + "name": "demo-dev-dependencies", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "private": true, + "version": "0.0.0", + "license": "Apache-2.0", + "optionalDependencies": { + "uuidv4": "^6.2.13" + }, + "devDependencies": { + "@types/node": ">=16", + "@types/uuid": "^8", + "uuid": "^8" + }, + "readme": "ERROR: No README data found!", + "dependencies": { + "@types/node": { + "_from": "@types/node@>=16", + "_id": "@types/node@20.12.8", + "_integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "_location": "/@types/node", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "@types/node@20.12.8", + "name": "@types/node", + "escapedName": "@types%2fnode", + "scope": "@types", + "rawSpec": "20.12.8", + "saveSpec": null, + "fetchSpec": "20.12.8" + }, + "_requiredBy": [ + "#DEV:/" + ], + "_resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "_shasum": "35897bf2bfe3469847ab04634636de09552e8256", + "_spec": "20.12.8", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "bugs": { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues" + }, + "contributors": [ + { + "name": "Microsoft TypeScript", + "url": "https://github.com/Microsoft" + }, + { + "name": "Alberto Schiabel", + "url": "https://github.com/jkomyno" + }, + { + "name": "Alvis HT Tang", + "url": "https://github.com/alvis" + }, + { + "name": "Andrew Makarov", + "url": "https://github.com/r3nya" + }, + { + "name": "Benjamin Toueg", + "url": "https://github.com/btoueg" + }, + { + "name": "Chigozirim C.", + "url": "https://github.com/smac89" + }, + { + "name": "David Junger", + "url": "https://github.com/touffy" + }, + { + "name": "Deividas Bakanas", + "url": "https://github.com/DeividasBakanas" + }, + { + "name": "Eugene Y. Q. Shen", + "url": "https://github.com/eyqs" + }, + { + "name": "Hannes Magnusson", + "url": "https://github.com/Hannes-Magnusson-CK" + }, + { + "name": "Huw", + "url": "https://github.com/hoo29" + }, + { + "name": "Kelvin Jin", + "url": "https://github.com/kjin" + }, + { + "name": "Klaus Meinhardt", + "url": "https://github.com/ajafff" + }, + { + "name": "Lishude", + "url": "https://github.com/islishude" + }, + { + "name": "Mariusz Wiktorczyk", + "url": "https://github.com/mwiktorczyk" + }, + { + "name": "Mohsen Azimi", + "url": "https://github.com/mohsen1" + }, + { + "name": "Nikita Galkin", + "url": "https://github.com/galkin" + }, + { + "name": "Parambir Singh", + "url": "https://github.com/parambirs" + }, + { + "name": "Sebastian Silbermann", + "url": "https://github.com/eps1lon" + }, + { + "name": "Thomas den Hollander", + "url": "https://github.com/ThomasdenH" + }, + { + "name": "Wilco Bakker", + "url": "https://github.com/WilcoBakker" + }, + { + "name": "wwwy3y3", + "url": "https://github.com/wwwy3y3" + }, + { + "name": "Samuel Ainsworth", + "url": "https://github.com/samuela" + }, + { + "name": "Kyle Uehlein", + "url": "https://github.com/kuehlein" + }, + { + "name": "Thanik Bhongbhibhat", + "url": "https://github.com/bhongy" + }, + { + "name": "Marcin Kopacz", + "url": "https://github.com/chyzwar" + }, + { + "name": "Trivikram Kamat", + "url": "https://github.com/trivikr" + }, + { + "name": "Junxiao Shi", + "url": "https://github.com/yoursunny" + }, + { + "name": "Ilia Baryshnikov", + "url": "https://github.com/qwelias" + }, + { + "name": "ExE Boss", + "url": "https://github.com/ExE-Boss" + }, + { + "name": "Piotr Błażejewicz", + "url": "https://github.com/peterblazejewicz" + }, + { + "name": "Anna Henningsen", + "url": "https://github.com/addaleax" + }, + { + "name": "Victor Perin", + "url": "https://github.com/victorperin" + }, + { + "name": "Yongsheng Zhang", + "url": "https://github.com/ZYSzys" + }, + { + "name": "NodeJS Contributors", + "url": "https://github.com/NodeJS" + }, + { + "name": "Linus Unnebäck", + "url": "https://github.com/LinusU" + }, + { + "name": "wafuwafu13", + "url": "https://github.com/wafuwafu13" + }, + { + "name": "Matteo Collina", + "url": "https://github.com/mcollina" + }, + { + "name": "Dmitry Semigradsky", + "url": "https://github.com/Semigradsky" + } + ], + "dependencies": { + "undici-types": { + "_from": "undici-types@~5.26.4", + "_id": "undici-types@5.26.5", + "_integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "_location": "/undici-types", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "undici-types@5.26.5", + "name": "undici-types", + "escapedName": "undici-types", + "rawSpec": "5.26.5", + "saveSpec": "[Circular]", + "fetchSpec": "5.26.5" + }, + "_requiredBy": [ + "/@types/node" + ], + "_resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "_shasum": "bcd539893d00b56e964fd2657a4866b221a65617", + "_spec": "5.26.5", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "bugs": { + "url": "https://github.com/nodejs/undici/issues" + }, + "contributors": [ + { + "name": "Daniele Belardi", + "url": "https://github.com/dnlup" + }, + { + "name": "Ethan Arrowood", + "url": "https://github.com/ethan-arrowood" + }, + { + "name": "Matteo Collina", + "url": "https://github.com/mcollina" + }, + { + "name": "Matthew Aitken", + "url": "https://github.com/KhafraDev" + }, + { + "name": "Robert Nagy", + "url": "https://github.com/ronag" + }, + { + "name": "Szymon Marczak", + "url": "https://github.com/szmarczak" + }, + { + "name": "Tomas Della Vedova", + "url": "https://github.com/delvedor" + } + ], + "deprecated": false, + "description": "A stand-alone types package for Undici", + "files": [ + "*.d.ts" + ], + "homepage": "https://undici.nodejs.org", + "license": "MIT", + "name": "undici-types", + "repository": { + "type": "git", + "url": "git+https://github.com/nodejs/undici.git" + }, + "types": "index.d.ts", + "version": "5.26.5", + "readme": "# undici-types\n\nThis package is a dual-publish of the [undici](https://www.npmjs.com/package/undici) library types. The `undici` package **still contains types**. This package is for users who _only_ need undici types (such as for `@types/node`). It is published alongside every release of `undici`, so you can always use the same version.\n\n- [GitHub nodejs/undici](https://github.com/nodejs/undici)\n- [Undici Documentation](https://undici.nodejs.org/#/)\n", + "readmeFilename": "README.md", + "_development": true, + "_args": [ + [ + "undici-types@5.26.5", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project" + ] + ], + "dependencies": {}, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/undici-types", + "error": "[Circular]", + "extraneous": false + } + }, + "deprecated": false, + "description": "TypeScript definitions for node", + "homepage": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node", + "license": "MIT", + "main": "", + "name": "@types/node", + "repository": { + "type": "git", + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git", + "directory": "types/node" + }, + "scripts": {}, + "typeScriptVersion": "4.7", + "types": "index.d.ts", + "typesPublisherContentHash": "5ff1c25113c701fc2321b0b620459a659788987291b6c00cde19caf71688f6ae", + "version": "20.12.8", + "readme": "# Installation\r\n> `npm install --save @types/node`\r\n\r\n# Summary\r\nThis package contains type definitions for node (https://nodejs.org/).\r\n\r\n# Details\r\nFiles were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node.\r\n\r\n### Additional Details\r\n * Last updated: Wed, 01 May 2024 18:36:06 GMT\r\n * Dependencies: [undici-types](https://npmjs.com/package/undici-types)\r\n\r\n# Credits\r\nThese definitions were written by [Microsoft TypeScript](https://github.com/Microsoft), [Alberto Schiabel](https://github.com/jkomyno), [Alvis HT Tang](https://github.com/alvis), [Andrew Makarov](https://github.com/r3nya), [Benjamin Toueg](https://github.com/btoueg), [Chigozirim C.](https://github.com/smac89), [David Junger](https://github.com/touffy), [Deividas Bakanas](https://github.com/DeividasBakanas), [Eugene Y. Q. Shen](https://github.com/eyqs), [Hannes Magnusson](https://github.com/Hannes-Magnusson-CK), [Huw](https://github.com/hoo29), [Kelvin Jin](https://github.com/kjin), [Klaus Meinhardt](https://github.com/ajafff), [Lishude](https://github.com/islishude), [Mariusz Wiktorczyk](https://github.com/mwiktorczyk), [Mohsen Azimi](https://github.com/mohsen1), [Nikita Galkin](https://github.com/galkin), [Parambir Singh](https://github.com/parambirs), [Sebastian Silbermann](https://github.com/eps1lon), [Thomas den Hollander](https://github.com/ThomasdenH), [Wilco Bakker](https://github.com/WilcoBakker), [wwwy3y3](https://github.com/wwwy3y3), [Samuel Ainsworth](https://github.com/samuela), [Kyle Uehlein](https://github.com/kuehlein), [Thanik Bhongbhibhat](https://github.com/bhongy), [Marcin Kopacz](https://github.com/chyzwar), [Trivikram Kamat](https://github.com/trivikr), [Junxiao Shi](https://github.com/yoursunny), [Ilia Baryshnikov](https://github.com/qwelias), [ExE Boss](https://github.com/ExE-Boss), [Piotr Błażejewicz](https://github.com/peterblazejewicz), [Anna Henningsen](https://github.com/addaleax), [Victor Perin](https://github.com/victorperin), [Yongsheng Zhang](https://github.com/ZYSzys), [NodeJS Contributors](https://github.com/NodeJS), [Linus Unnebäck](https://github.com/LinusU), [wafuwafu13](https://github.com/wafuwafu13), [Matteo Collina](https://github.com/mcollina), and [Dmitry Semigradsky](https://github.com/Semigradsky).\r\n", + "readmeFilename": "README.md", + "_development": true, + "_args": [ + [ + "@types/node@20.12.8", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project" + ] + ], + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": { + "undici-types": "~5.26.4" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/node", + "error": "[Circular]", + "extraneous": false + }, + "@types/uuid": { + "_from": "@types/uuid@8.3.4", + "_id": "@types/uuid@8.3.4", + "_integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "_location": "/@types/uuid", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "@types/uuid@8.3.4", + "name": "@types/uuid", + "escapedName": "@types%2fuuid", + "scope": "@types", + "rawSpec": "8.3.4", + "saveSpec": "[Circular]", + "fetchSpec": "8.3.4" + }, + "_requiredBy": [ + "#DEV:/", + "/uuidv4" + ], + "_resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "_shasum": "bd86a43617df0594787d38b735f55c805becf1bc", + "_spec": "8.3.4", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "bugs": { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues" + }, + "contributors": [ + { + "name": "Oliver Hoffmann", + "url": "https://github.com/iamolivinius" + }, + { + "name": "Felipe Ochoa", + "url": "https://github.com/felipeochoa" + }, + { + "name": "Chris Barth", + "url": "https://github.com/cjbarth" + }, + { + "name": "Linus Unnebäck", + "url": "https://github.com/LinusU" + }, + { + "name": "Christoph Tavan", + "url": "https://github.com/ctavan" + } + ], + "dependencies": {}, + "deprecated": false, + "description": "TypeScript definitions for uuid", + "exports": { + "./package.json": "./package.json", + ".": { + "types": { + "import": "./index.d.mts", + "default": "./index.d.ts" + } + } + }, + "homepage": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid", + "license": "MIT", + "main": "", + "name": "@types/uuid", + "repository": { + "type": "git", + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git", + "directory": "types/uuid" + }, + "scripts": {}, + "typeScriptVersion": "3.8", + "types": "index.d.ts", + "typesPublisherContentHash": "7bd9cd358e9e4357393eb0163c44f44dc265ab936b456743af6ed3d0d0ac644f", + "version": "8.3.4", + "readme": "# Installation\r\n> `npm install --save @types/uuid`\r\n\r\n# Summary\r\nThis package contains type definitions for uuid (https://github.com/uuidjs/uuid).\r\n\r\n# Details\r\nFiles were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid.\r\n\r\n### Additional Details\r\n * Last updated: Thu, 06 Jan 2022 07:31:27 GMT\r\n * Dependencies: none\r\n * Global values: none\r\n\r\n# Credits\r\nThese definitions were written by [Oliver Hoffmann](https://github.com/iamolivinius), [Felipe Ochoa](https://github.com/felipeochoa), [Chris Barth](https://github.com/cjbarth), [Linus Unnebäck](https://github.com/LinusU), and [Christoph Tavan](https://github.com/ctavan).\r\n", + "readmeFilename": "README.md", + "_args": [ + [ + "@types/uuid@8.3.4", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project" + ] + ], + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "error": "[Circular]", + "extraneous": false + }, + "uuid": { + "_from": "uuid@8.3.2", + "_id": "uuid@8.3.2", + "_integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "_location": "/uuid", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "uuid@8.3.2", + "name": "uuid", + "escapedName": "uuid", + "rawSpec": "8.3.2", + "saveSpec": "[Circular]", + "fetchSpec": "8.3.2" + }, + "_requiredBy": [ + "#DEV:/", + "/uuidv4" + ], + "_resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "_shasum": "80d5b5ced271bb9af6c445f21a1a04c606cefbe2", + "_spec": "8.3.2", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "bin": { + "uuid": "dist/bin/uuid" + }, + "browser": { + "./dist/md5.js": "./dist/md5-browser.js", + "./dist/rng.js": "./dist/rng-browser.js", + "./dist/sha1.js": "./dist/sha1-browser.js", + "./dist/esm-node/index.js": "./dist/esm-browser/index.js" + }, + "bugs": { + "url": "https://github.com/uuidjs/uuid/issues" + }, + "commitlint": { + "extends": [ + "@commitlint/config-conventional" + ] + }, + "deprecated": false, + "description": "RFC4122 (v1, v4, and v5) UUIDs", + "devDependencies": { + "@babel/cli": "7.11.6", + "@babel/core": "7.11.6", + "@babel/preset-env": "7.11.5", + "@commitlint/cli": "11.0.0", + "@commitlint/config-conventional": "11.0.0", + "@rollup/plugin-node-resolve": "9.0.0", + "babel-eslint": "10.1.0", + "bundlewatch": "0.3.1", + "eslint": "7.10.0", + "eslint-config-prettier": "6.12.0", + "eslint-config-standard": "14.1.1", + "eslint-plugin-import": "2.22.1", + "eslint-plugin-node": "11.1.0", + "eslint-plugin-prettier": "3.1.4", + "eslint-plugin-promise": "4.2.1", + "eslint-plugin-standard": "4.0.1", + "husky": "4.3.0", + "jest": "25.5.4", + "lint-staged": "10.4.0", + "npm-run-all": "4.1.5", + "optional-dev-dependency": "2.0.1", + "prettier": "2.1.2", + "random-seed": "0.3.0", + "rollup": "2.28.2", + "rollup-plugin-terser": "7.0.2", + "runmd": "1.3.2", + "standard-version": "9.0.0" + }, + "exports": { + ".": { + "node": { + "module": "./dist/esm-node/index.js", + "require": "./dist/index.js", + "import": "./wrapper.mjs" + }, + "default": "./dist/esm-browser/index.js" + }, + "./package.json": "./package.json" + }, + "files": [ + "CHANGELOG.md", + "CONTRIBUTING.md", + "LICENSE.md", + "README.md", + "dist", + "wrapper.mjs" + ], + "homepage": "https://github.com/uuidjs/uuid#readme", + "husky": { + "hooks": { + "commit-msg": "commitlint -E HUSKY_GIT_PARAMS", + "pre-commit": "lint-staged" + } + }, + "keywords": [ + "uuid", + "guid", + "rfc4122" + ], + "license": "MIT", + "lint-staged": { + "*.{js,jsx,json,md}": [ + "prettier --write" + ], + "*.{js,jsx}": [ + "eslint --fix" + ] + }, + "main": "./dist/index.js", + "module": "./dist/esm-node/index.js", + "name": "uuid", + "optionalDevDependencies": { + "@wdio/browserstack-service": "6.4.0", + "@wdio/cli": "6.4.0", + "@wdio/jasmine-framework": "6.4.0", + "@wdio/local-runner": "6.4.0", + "@wdio/spec-reporter": "6.4.0", + "@wdio/static-server-service": "6.4.0", + "@wdio/sync": "6.4.0" + }, + "repository": { + "type": "git", + "url": "git+https://github.com/uuidjs/uuid.git" + }, + "scripts": { + "build": "./scripts/build.sh", + "bundlewatch": "npm run pretest:browser && bundlewatch --config bundlewatch.config.json", + "docs": "( node --version | grep -q 'v12' ) && ( npm run build && runmd --output=README.md README_js.md )", + "docs:diff": "npm run docs && git diff --quiet README.md", + "eslint:check": "eslint src/ test/ examples/ *.js", + "eslint:fix": "eslint --fix src/ test/ examples/ *.js", + "examples:browser:rollup:build": "cd examples/browser-rollup && npm install && npm run build", + "examples:browser:webpack:build": "cd examples/browser-webpack && npm install && npm run build", + "examples:node:commonjs:test": "cd examples/node-commonjs && npm install && npm test", + "examples:node:esmodules:test": "cd examples/node-esmodules && npm install && npm test", + "lint": "npm run eslint:check && npm run prettier:check", + "md": "runmd --watch --output=README.md README_js.md", + "prepack": "npm run build", + "pretest": "[ -n $CI ] || npm run build", + "pretest:benchmark": "npm run build", + "pretest:browser": "optional-dev-dependency && npm run build && npm-run-all --parallel examples:browser:**", + "pretest:node": "npm run build", + "prettier:check": "prettier --ignore-path .prettierignore --check '**/*.{js,jsx,json,md}'", + "prettier:fix": "prettier --ignore-path .prettierignore --write '**/*.{js,jsx,json,md}'", + "release": "standard-version --no-verify", + "test": "BABEL_ENV=commonjs node --throw-deprecation node_modules/.bin/jest test/unit/", + "test:benchmark": "cd examples/benchmark && npm install && npm test", + "test:browser": "wdio run ./wdio.conf.js", + "test:node": "npm-run-all --parallel examples:node:**", + "test:pack": "./scripts/testpack.sh" + }, + "sideEffects": false, + "standard-version": { + "scripts": { + "postchangelog": "prettier --write CHANGELOG.md" + } + }, + "version": "8.3.2", + "readme": "\n\n# uuid [![CI](https://github.com/uuidjs/uuid/workflows/CI/badge.svg)](https://github.com/uuidjs/uuid/actions?query=workflow%3ACI) [![Browser](https://github.com/uuidjs/uuid/workflows/Browser/badge.svg)](https://github.com/uuidjs/uuid/actions?query=workflow%3ABrowser)\n\nFor the creation of [RFC4122](http://www.ietf.org/rfc/rfc4122.txt) UUIDs\n\n- **Complete** - Support for RFC4122 version 1, 3, 4, and 5 UUIDs\n- **Cross-platform** - Support for ...\n - CommonJS, [ECMAScript Modules](#ecmascript-modules) and [CDN builds](#cdn-builds)\n - Node 8, 10, 12, 14\n - Chrome, Safari, Firefox, Edge, IE 11 browsers\n - Webpack and rollup.js module bundlers\n - [React Native / Expo](#react-native--expo)\n- **Secure** - Cryptographically-strong random values\n- **Small** - Zero-dependency, small footprint, plays nice with \"tree shaking\" packagers\n- **CLI** - Includes the [`uuid` command line](#command-line) utility\n\n**Upgrading from `uuid@3.x`?** Your code is probably okay, but check out [Upgrading From `uuid@3.x`](#upgrading-from-uuid3x) for details.\n\n## Quickstart\n\nTo create a random UUID...\n\n**1. Install**\n\n```shell\nnpm install uuid\n```\n\n**2. Create a UUID** (ES6 module syntax)\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4(); // ⇨ '9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d'\n```\n\n... or using CommonJS syntax:\n\n```javascript\nconst { v4: uuidv4 } = require('uuid');\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nFor timestamp UUIDs, namespace UUIDs, and other options read on ...\n\n## API Summary\n\n| | | |\n| --- | --- | --- |\n| [`uuid.NIL`](#uuidnil) | The nil UUID string (all zeros) | New in `uuid@8.3` |\n| [`uuid.parse()`](#uuidparsestr) | Convert UUID string to array of bytes | New in `uuid@8.3` |\n| [`uuid.stringify()`](#uuidstringifyarr-offset) | Convert array of bytes to UUID string | New in `uuid@8.3` |\n| [`uuid.v1()`](#uuidv1options-buffer-offset) | Create a version 1 (timestamp) UUID | |\n| [`uuid.v3()`](#uuidv3name-namespace-buffer-offset) | Create a version 3 (namespace w/ MD5) UUID | |\n| [`uuid.v4()`](#uuidv4options-buffer-offset) | Create a version 4 (random) UUID | |\n| [`uuid.v5()`](#uuidv5name-namespace-buffer-offset) | Create a version 5 (namespace w/ SHA-1) UUID | |\n| [`uuid.validate()`](#uuidvalidatestr) | Test a string to see if it is a valid UUID | New in `uuid@8.3` |\n| [`uuid.version()`](#uuidversionstr) | Detect RFC version of a UUID | New in `uuid@8.3` |\n\n## API\n\n### uuid.NIL\n\nThe nil UUID string (all zeros).\n\nExample:\n\n```javascript\nimport { NIL as NIL_UUID } from 'uuid';\n\nNIL_UUID; // ⇨ '00000000-0000-0000-0000-000000000000'\n```\n\n### uuid.parse(str)\n\nConvert UUID string to array of bytes\n\n| | |\n| --------- | ---------------------------------------- |\n| `str` | A valid UUID `String` |\n| _returns_ | `Uint8Array[16]` |\n| _throws_ | `TypeError` if `str` is not a valid UUID |\n\nNote: Ordering of values in the byte arrays used by `parse()` and `stringify()` follows the left ↠ right order of hex-pairs in UUID strings. As shown in the example below.\n\nExample:\n\n```javascript\nimport { parse as uuidParse } from 'uuid';\n\n// Parse a UUID\nconst bytes = uuidParse('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b');\n\n// Convert to hex strings to show byte order (for documentation purposes)\n[...bytes].map((v) => v.toString(16).padStart(2, '0')); // ⇨ \n // [\n // '6e', 'c0', 'bd', '7f',\n // '11', 'c0', '43', 'da',\n // '97', '5e', '2a', '8a',\n // 'd9', 'eb', 'ae', '0b'\n // ]\n```\n\n### uuid.stringify(arr[, offset])\n\nConvert array of bytes to UUID string\n\n| | |\n| -------------- | ---------------------------------------------------------------------------- |\n| `arr` | `Array`-like collection of 16 values (starting from `offset`) between 0-255. |\n| [`offset` = 0] | `Number` Starting index in the Array |\n| _returns_ | `String` |\n| _throws_ | `TypeError` if a valid UUID string cannot be generated |\n\nNote: Ordering of values in the byte arrays used by `parse()` and `stringify()` follows the left ↠ right order of hex-pairs in UUID strings. As shown in the example below.\n\nExample:\n\n```javascript\nimport { stringify as uuidStringify } from 'uuid';\n\nconst uuidBytes = [\n 0x6e,\n 0xc0,\n 0xbd,\n 0x7f,\n 0x11,\n 0xc0,\n 0x43,\n 0xda,\n 0x97,\n 0x5e,\n 0x2a,\n 0x8a,\n 0xd9,\n 0xeb,\n 0xae,\n 0x0b,\n];\n\nuuidStringify(uuidBytes); // ⇨ '6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'\n```\n\n### uuid.v1([options[, buffer[, offset]]])\n\nCreate an RFC version 1 (timestamp) UUID\n\n| | |\n| --- | --- |\n| [`options`] | `Object` with one or more of the following properties: |\n| [`options.node` ] | RFC \"node\" field as an `Array[6]` of byte values (per 4.1.6) |\n| [`options.clockseq`] | RFC \"clock sequence\" as a `Number` between 0 - 0x3fff |\n| [`options.msecs`] | RFC \"timestamp\" field (`Number` of milliseconds, unix epoch) |\n| [`options.nsecs`] | RFC \"timestamp\" field (`Number` of nanseconds to add to `msecs`, should be 0-10,000) |\n| [`options.random`] | `Array` of 16 random bytes (0-255) |\n| [`options.rng`] | Alternative to `options.random`, a `Function` that returns an `Array` of 16 random bytes (0-255) |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n| _throws_ | `Error` if more than 10M UUIDs/sec are requested |\n\nNote: The default [node id](https://tools.ietf.org/html/rfc4122#section-4.1.6) (the last 12 digits in the UUID) is generated once, randomly, on process startup, and then remains unchanged for the duration of the process.\n\nNote: `options.random` and `options.rng` are only meaningful on the very first call to `v1()`, where they may be passed to initialize the internal `node` and `clockseq` fields.\n\nExample:\n\n```javascript\nimport { v1 as uuidv1 } from 'uuid';\n\nuuidv1(); // ⇨ '2c5ea4c0-4067-11e9-8bad-9b1deb4d3b7d'\n```\n\nExample using `options`:\n\n```javascript\nimport { v1 as uuidv1 } from 'uuid';\n\nconst v1options = {\n node: [0x01, 0x23, 0x45, 0x67, 0x89, 0xab],\n clockseq: 0x1234,\n msecs: new Date('2011-11-01').getTime(),\n nsecs: 5678,\n};\nuuidv1(v1options); // ⇨ '710b962e-041c-11e1-9234-0123456789ab'\n```\n\n### uuid.v3(name, namespace[, buffer[, offset]])\n\nCreate an RFC version 3 (namespace w/ MD5) UUID\n\nAPI is identical to `v5()`, but uses \"v3\" instead.\n\n⚠️ Note: Per the RFC, \"_If backward compatibility is not an issue, SHA-1 [Version 5] is preferred_.\"\n\n### uuid.v4([options[, buffer[, offset]]])\n\nCreate an RFC version 4 (random) UUID\n\n| | |\n| --- | --- |\n| [`options`] | `Object` with one or more of the following properties: |\n| [`options.random`] | `Array` of 16 random bytes (0-255) |\n| [`options.rng`] | Alternative to `options.random`, a `Function` that returns an `Array` of 16 random bytes (0-255) |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n\nExample:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\n\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nExample using predefined `random` values:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\n\nconst v4options = {\n random: [\n 0x10,\n 0x91,\n 0x56,\n 0xbe,\n 0xc4,\n 0xfb,\n 0xc1,\n 0xea,\n 0x71,\n 0xb4,\n 0xef,\n 0xe1,\n 0x67,\n 0x1c,\n 0x58,\n 0x36,\n ],\n};\nuuidv4(v4options); // ⇨ '109156be-c4fb-41ea-b1b4-efe1671c5836'\n```\n\n### uuid.v5(name, namespace[, buffer[, offset]])\n\nCreate an RFC version 5 (namespace w/ SHA-1) UUID\n\n| | |\n| --- | --- |\n| `name` | `String \\| Array` |\n| `namespace` | `String \\| Array[16]` Namespace UUID |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n\nNote: The RFC `DNS` and `URL` namespaces are available as `v5.DNS` and `v5.URL`.\n\nExample with custom namespace:\n\n```javascript\nimport { v5 as uuidv5 } from 'uuid';\n\n// Define a custom namespace. Readers, create your own using something like\n// https://www.uuidgenerator.net/\nconst MY_NAMESPACE = '1b671a64-40d5-491e-99b0-da01ff1f3341';\n\nuuidv5('Hello, World!', MY_NAMESPACE); // ⇨ '630eb68f-e0fa-5ecc-887a-7c7a62614681'\n```\n\nExample with RFC `URL` namespace:\n\n```javascript\nimport { v5 as uuidv5 } from 'uuid';\n\nuuidv5('https://www.w3.org/', uuidv5.URL); // ⇨ 'c106a26a-21bb-5538-8bf2-57095d1976c1'\n```\n\n### uuid.validate(str)\n\nTest a string to see if it is a valid UUID\n\n| | |\n| --------- | --------------------------------------------------- |\n| `str` | `String` to validate |\n| _returns_ | `true` if string is a valid UUID, `false` otherwise |\n\nExample:\n\n```javascript\nimport { validate as uuidValidate } from 'uuid';\n\nuuidValidate('not a UUID'); // ⇨ false\nuuidValidate('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'); // ⇨ true\n```\n\nUsing `validate` and `version` together it is possible to do per-version validation, e.g. validate for only v4 UUIds.\n\n```javascript\nimport { version as uuidVersion } from 'uuid';\nimport { validate as uuidValidate } from 'uuid';\n\nfunction uuidValidateV4(uuid) {\n return uuidValidate(uuid) && uuidVersion(uuid) === 4;\n}\n\nconst v1Uuid = 'd9428888-122b-11e1-b85c-61cd3cbb3210';\nconst v4Uuid = '109156be-c4fb-41ea-b1b4-efe1671c5836';\n\nuuidValidateV4(v4Uuid); // ⇨ true\nuuidValidateV4(v1Uuid); // ⇨ false\n```\n\n### uuid.version(str)\n\nDetect RFC version of a UUID\n\n| | |\n| --------- | ---------------------------------------- |\n| `str` | A valid UUID `String` |\n| _returns_ | `Number` The RFC version of the UUID |\n| _throws_ | `TypeError` if `str` is not a valid UUID |\n\nExample:\n\n```javascript\nimport { version as uuidVersion } from 'uuid';\n\nuuidVersion('45637ec4-c85f-11ea-87d0-0242ac130003'); // ⇨ 1\nuuidVersion('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'); // ⇨ 4\n```\n\n## Command Line\n\nUUIDs can be generated from the command line using `uuid`.\n\n```shell\n$ uuid\nddeb27fb-d9a0-4624-be4d-4615062daed4\n```\n\nThe default is to generate version 4 UUIDS, however the other versions are supported. Type `uuid --help` for details:\n\n```shell\n$ uuid --help\n\nUsage:\n uuid\n uuid v1\n uuid v3 \n uuid v4\n uuid v5 \n uuid --help\n\nNote: may be \"URL\" or \"DNS\" to use the corresponding UUIDs\ndefined by RFC4122\n```\n\n## ECMAScript Modules\n\nThis library comes with [ECMAScript Modules](https://www.ecma-international.org/ecma-262/6.0/#sec-modules) (ESM) support for Node.js versions that support it ([example](./examples/node-esmodules/)) as well as bundlers like [rollup.js](https://rollupjs.org/guide/en/#tree-shaking) ([example](./examples/browser-rollup/)) and [webpack](https://webpack.js.org/guides/tree-shaking/) ([example](./examples/browser-webpack/)) (targeting both, Node.js and browser environments).\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nTo run the examples you must first create a dist build of this library in the module root:\n\n```shell\nnpm run build\n```\n\n## CDN Builds\n\n### ECMAScript Modules\n\nTo load this module directly into modern browsers that [support loading ECMAScript Modules](https://caniuse.com/#feat=es6-module) you can make use of [jspm](https://jspm.org/):\n\n```html\n\n```\n\n### UMD\n\nTo load this module directly into older browsers you can use the [UMD (Universal Module Definition)](https://github.com/umdjs/umd) builds from any of the following CDNs:\n\n**Using [UNPKG](https://unpkg.com/uuid@latest/dist/umd/)**:\n\n```html\n\n```\n\n**Using [jsDelivr](https://cdn.jsdelivr.net/npm/uuid@latest/dist/umd/)**:\n\n```html\n\n```\n\n**Using [cdnjs](https://cdnjs.com/libraries/uuid)**:\n\n```html\n\n```\n\nThese CDNs all provide the same [`uuidv4()`](#uuidv4options-buffer-offset) method:\n\n```html\n\n```\n\nMethods for the other algorithms ([`uuidv1()`](#uuidv1options-buffer-offset), [`uuidv3()`](#uuidv3name-namespace-buffer-offset) and [`uuidv5()`](#uuidv5name-namespace-buffer-offset)) are available from the files `uuidv1.min.js`, `uuidv3.min.js` and `uuidv5.min.js` respectively.\n\n## \"getRandomValues() not supported\"\n\nThis error occurs in environments where the standard [`crypto.getRandomValues()`](https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues) API is not supported. This issue can be resolved by adding an appropriate polyfill:\n\n### React Native / Expo\n\n1. Install [`react-native-get-random-values`](https://github.com/LinusU/react-native-get-random-values#readme)\n1. Import it _before_ `uuid`. Since `uuid` might also appear as a transitive dependency of some other imports it's safest to just import `react-native-get-random-values` as the very first thing in your entry point:\n\n```javascript\nimport 'react-native-get-random-values';\nimport { v4 as uuidv4 } from 'uuid';\n```\n\nNote: If you are using Expo, you must be using at least `react-native-get-random-values@1.5.0` and `expo@39.0.0`.\n\n### Web Workers / Service Workers (Edge <= 18)\n\n[In Edge <= 18, Web Crypto is not supported in Web Workers or Service Workers](https://caniuse.com/#feat=cryptography) and we are not aware of a polyfill (let us know if you find one, please).\n\n## Upgrading From `uuid@7.x`\n\n### Only Named Exports Supported When Using with Node.js ESM\n\n`uuid@7.x` did not come with native ECMAScript Module (ESM) support for Node.js. Importing it in Node.js ESM consequently imported the CommonJS source with a default export. This library now comes with true Node.js ESM support and only provides named exports.\n\nInstead of doing:\n\n```javascript\nimport uuid from 'uuid';\nuuid.v4();\n```\n\nyou will now have to use the named exports:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4();\n```\n\n### Deep Requires No Longer Supported\n\nDeep requires like `require('uuid/v4')` [which have been deprecated in `uuid@7.x`](#deep-requires-now-deprecated) are no longer supported.\n\n## Upgrading From `uuid@3.x`\n\n\"_Wait... what happened to `uuid@4.x` - `uuid@6.x`?!?_\"\n\nIn order to avoid confusion with RFC [version 4](#uuidv4options-buffer-offset) and [version 5](#uuidv5name-namespace-buffer-offset) UUIDs, and a possible [version 6](http://gh.peabody.io/uuidv6/), releases 4 thru 6 of this module have been skipped.\n\n### Deep Requires Now Deprecated\n\n`uuid@3.x` encouraged the use of deep requires to minimize the bundle size of browser builds:\n\n```javascript\nconst uuidv4 = require('uuid/v4'); // <== NOW DEPRECATED!\nuuidv4();\n```\n\nAs of `uuid@7.x` this library now provides ECMAScript modules builds, which allow packagers like Webpack and Rollup to do \"tree-shaking\" to remove dead code. Instead, use the `import` syntax:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4();\n```\n\n... or for CommonJS:\n\n```javascript\nconst { v4: uuidv4 } = require('uuid');\nuuidv4();\n```\n\n### Default Export Removed\n\n`uuid@3.x` was exporting the Version 4 UUID method as a default export:\n\n```javascript\nconst uuid = require('uuid'); // <== REMOVED!\n```\n\nThis usage pattern was already discouraged in `uuid@3.x` and has been removed in `uuid@7.x`.\n\n----\nMarkdown generated from [README_js.md](README_js.md) by [![RunMD Logo](http://i.imgur.com/h0FVyzU.png)](https://github.com/broofa/runmd)", + "readmeFilename": "README.md", + "_args": [ + [ + "uuid@8.3.2", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project" + ] + ], + "dependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "error": "[Circular]", + "extraneous": false + }, + "uuidv4": { + "_from": "uuidv4@^6.2.13", + "_id": "uuidv4@6.2.13", + "_integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "_location": "/uuidv4", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "uuidv4@6.2.13", + "name": "uuidv4", + "escapedName": "uuidv4", + "rawSpec": "6.2.13", + "saveSpec": "[Circular]", + "fetchSpec": "6.2.13" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "_shasum": "8f95ec5ef22d1f92c8e5d4c70b735d1c89572cb7", + "_spec": "6.2.13", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "bugs": { + "url": "https://github.com/thenativeweb/uuidv4/issues" + }, + "contributors": [ + { + "name": "Golo Roden", + "email": "golo.roden@thenativeweb.io" + }, + { + "name": "Matthias Wagler", + "email": "matthias.wagler@thenativeweb.io" + }, + { + "name": "Jan-Hendrik Grundhöfer", + "email": "jan-hendrik.grundhoefer@thenativeweb.io" + }, + { + "name": "Sven Eppler", + "email": "sven.eppler@sodgeit.de" + }, + { + "name": "Hannes Leutloff", + "email": "hannes.leutloff@thenativeweb.io" + } + ], + "dependencies": { + "@types/uuid": { + "_from": "@types/uuid@8.3.4", + "_id": "@types/uuid@8.3.4", + "_integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "_location": "/@types/uuid", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "@types/uuid@8.3.4", + "name": "@types/uuid", + "escapedName": "@types%2fuuid", + "scope": "@types", + "rawSpec": "8.3.4", + "saveSpec": "[Circular]", + "fetchSpec": "8.3.4" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "_shasum": "bd86a43617df0594787d38b735f55c805becf1bc", + "_spec": "8.3.4", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "bugs": "[Circular]", + "contributors": "[Circular]", + "dependencies": {}, + "deprecated": false, + "description": "TypeScript definitions for uuid", + "exports": "[Circular]", + "homepage": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid", + "license": "MIT", + "main": "", + "name": "@types/uuid", + "repository": "[Circular]", + "scripts": "[Circular]", + "typeScriptVersion": "3.8", + "types": "index.d.ts", + "typesPublisherContentHash": "7bd9cd358e9e4357393eb0163c44f44dc265ab936b456743af6ed3d0d0ac644f", + "version": "8.3.4", + "readme": "# Installation\r\n> `npm install --save @types/uuid`\r\n\r\n# Summary\r\nThis package contains type definitions for uuid (https://github.com/uuidjs/uuid).\r\n\r\n# Details\r\nFiles were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid.\r\n\r\n### Additional Details\r\n * Last updated: Thu, 06 Jan 2022 07:31:27 GMT\r\n * Dependencies: none\r\n * Global values: none\r\n\r\n# Credits\r\nThese definitions were written by [Oliver Hoffmann](https://github.com/iamolivinius), [Felipe Ochoa](https://github.com/felipeochoa), [Chris Barth](https://github.com/cjbarth), [Linus Unnebäck](https://github.com/LinusU), and [Christoph Tavan](https://github.com/ctavan).\r\n", + "readmeFilename": "README.md", + "_args": "[Circular]", + "devDependencies": "[Circular]", + "optionalDependencies": "[Circular]", + "_dependencies": "[Circular]", + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "error": "[Circular]", + "extraneous": false, + "_deduped": "@types/uuid" + }, + "uuid": { + "_from": "uuid@8.3.2", + "_id": "uuid@8.3.2", + "_integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "_location": "/uuid", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "uuid@8.3.2", + "name": "uuid", + "escapedName": "uuid", + "rawSpec": "8.3.2", + "saveSpec": "[Circular]", + "fetchSpec": "8.3.2" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "_shasum": "80d5b5ced271bb9af6c445f21a1a04c606cefbe2", + "_spec": "8.3.2", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "bin": "[Circular]", + "browser": "[Circular]", + "bugs": "[Circular]", + "commitlint": "[Circular]", + "deprecated": false, + "description": "RFC4122 (v1, v4, and v5) UUIDs", + "devDependencies": "[Circular]", + "exports": "[Circular]", + "files": "[Circular]", + "homepage": "https://github.com/uuidjs/uuid#readme", + "husky": "[Circular]", + "keywords": "[Circular]", + "license": "MIT", + "lint-staged": "[Circular]", + "main": "./dist/index.js", + "module": "./dist/esm-node/index.js", + "name": "uuid", + "optionalDevDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "sideEffects": false, + "standard-version": "[Circular]", + "version": "8.3.2", + "readme": "\n\n# uuid [![CI](https://github.com/uuidjs/uuid/workflows/CI/badge.svg)](https://github.com/uuidjs/uuid/actions?query=workflow%3ACI) [![Browser](https://github.com/uuidjs/uuid/workflows/Browser/badge.svg)](https://github.com/uuidjs/uuid/actions?query=workflow%3ABrowser)\n\nFor the creation of [RFC4122](http://www.ietf.org/rfc/rfc4122.txt) UUIDs\n\n- **Complete** - Support for RFC4122 version 1, 3, 4, and 5 UUIDs\n- **Cross-platform** - Support for ...\n - CommonJS, [ECMAScript Modules](#ecmascript-modules) and [CDN builds](#cdn-builds)\n - Node 8, 10, 12, 14\n - Chrome, Safari, Firefox, Edge, IE 11 browsers\n - Webpack and rollup.js module bundlers\n - [React Native / Expo](#react-native--expo)\n- **Secure** - Cryptographically-strong random values\n- **Small** - Zero-dependency, small footprint, plays nice with \"tree shaking\" packagers\n- **CLI** - Includes the [`uuid` command line](#command-line) utility\n\n**Upgrading from `uuid@3.x`?** Your code is probably okay, but check out [Upgrading From `uuid@3.x`](#upgrading-from-uuid3x) for details.\n\n## Quickstart\n\nTo create a random UUID...\n\n**1. Install**\n\n```shell\nnpm install uuid\n```\n\n**2. Create a UUID** (ES6 module syntax)\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4(); // ⇨ '9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d'\n```\n\n... or using CommonJS syntax:\n\n```javascript\nconst { v4: uuidv4 } = require('uuid');\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nFor timestamp UUIDs, namespace UUIDs, and other options read on ...\n\n## API Summary\n\n| | | |\n| --- | --- | --- |\n| [`uuid.NIL`](#uuidnil) | The nil UUID string (all zeros) | New in `uuid@8.3` |\n| [`uuid.parse()`](#uuidparsestr) | Convert UUID string to array of bytes | New in `uuid@8.3` |\n| [`uuid.stringify()`](#uuidstringifyarr-offset) | Convert array of bytes to UUID string | New in `uuid@8.3` |\n| [`uuid.v1()`](#uuidv1options-buffer-offset) | Create a version 1 (timestamp) UUID | |\n| [`uuid.v3()`](#uuidv3name-namespace-buffer-offset) | Create a version 3 (namespace w/ MD5) UUID | |\n| [`uuid.v4()`](#uuidv4options-buffer-offset) | Create a version 4 (random) UUID | |\n| [`uuid.v5()`](#uuidv5name-namespace-buffer-offset) | Create a version 5 (namespace w/ SHA-1) UUID | |\n| [`uuid.validate()`](#uuidvalidatestr) | Test a string to see if it is a valid UUID | New in `uuid@8.3` |\n| [`uuid.version()`](#uuidversionstr) | Detect RFC version of a UUID | New in `uuid@8.3` |\n\n## API\n\n### uuid.NIL\n\nThe nil UUID string (all zeros).\n\nExample:\n\n```javascript\nimport { NIL as NIL_UUID } from 'uuid';\n\nNIL_UUID; // ⇨ '00000000-0000-0000-0000-000000000000'\n```\n\n### uuid.parse(str)\n\nConvert UUID string to array of bytes\n\n| | |\n| --------- | ---------------------------------------- |\n| `str` | A valid UUID `String` |\n| _returns_ | `Uint8Array[16]` |\n| _throws_ | `TypeError` if `str` is not a valid UUID |\n\nNote: Ordering of values in the byte arrays used by `parse()` and `stringify()` follows the left ↠ right order of hex-pairs in UUID strings. As shown in the example below.\n\nExample:\n\n```javascript\nimport { parse as uuidParse } from 'uuid';\n\n// Parse a UUID\nconst bytes = uuidParse('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b');\n\n// Convert to hex strings to show byte order (for documentation purposes)\n[...bytes].map((v) => v.toString(16).padStart(2, '0')); // ⇨ \n // [\n // '6e', 'c0', 'bd', '7f',\n // '11', 'c0', '43', 'da',\n // '97', '5e', '2a', '8a',\n // 'd9', 'eb', 'ae', '0b'\n // ]\n```\n\n### uuid.stringify(arr[, offset])\n\nConvert array of bytes to UUID string\n\n| | |\n| -------------- | ---------------------------------------------------------------------------- |\n| `arr` | `Array`-like collection of 16 values (starting from `offset`) between 0-255. |\n| [`offset` = 0] | `Number` Starting index in the Array |\n| _returns_ | `String` |\n| _throws_ | `TypeError` if a valid UUID string cannot be generated |\n\nNote: Ordering of values in the byte arrays used by `parse()` and `stringify()` follows the left ↠ right order of hex-pairs in UUID strings. As shown in the example below.\n\nExample:\n\n```javascript\nimport { stringify as uuidStringify } from 'uuid';\n\nconst uuidBytes = [\n 0x6e,\n 0xc0,\n 0xbd,\n 0x7f,\n 0x11,\n 0xc0,\n 0x43,\n 0xda,\n 0x97,\n 0x5e,\n 0x2a,\n 0x8a,\n 0xd9,\n 0xeb,\n 0xae,\n 0x0b,\n];\n\nuuidStringify(uuidBytes); // ⇨ '6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'\n```\n\n### uuid.v1([options[, buffer[, offset]]])\n\nCreate an RFC version 1 (timestamp) UUID\n\n| | |\n| --- | --- |\n| [`options`] | `Object` with one or more of the following properties: |\n| [`options.node` ] | RFC \"node\" field as an `Array[6]` of byte values (per 4.1.6) |\n| [`options.clockseq`] | RFC \"clock sequence\" as a `Number` between 0 - 0x3fff |\n| [`options.msecs`] | RFC \"timestamp\" field (`Number` of milliseconds, unix epoch) |\n| [`options.nsecs`] | RFC \"timestamp\" field (`Number` of nanseconds to add to `msecs`, should be 0-10,000) |\n| [`options.random`] | `Array` of 16 random bytes (0-255) |\n| [`options.rng`] | Alternative to `options.random`, a `Function` that returns an `Array` of 16 random bytes (0-255) |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n| _throws_ | `Error` if more than 10M UUIDs/sec are requested |\n\nNote: The default [node id](https://tools.ietf.org/html/rfc4122#section-4.1.6) (the last 12 digits in the UUID) is generated once, randomly, on process startup, and then remains unchanged for the duration of the process.\n\nNote: `options.random` and `options.rng` are only meaningful on the very first call to `v1()`, where they may be passed to initialize the internal `node` and `clockseq` fields.\n\nExample:\n\n```javascript\nimport { v1 as uuidv1 } from 'uuid';\n\nuuidv1(); // ⇨ '2c5ea4c0-4067-11e9-8bad-9b1deb4d3b7d'\n```\n\nExample using `options`:\n\n```javascript\nimport { v1 as uuidv1 } from 'uuid';\n\nconst v1options = {\n node: [0x01, 0x23, 0x45, 0x67, 0x89, 0xab],\n clockseq: 0x1234,\n msecs: new Date('2011-11-01').getTime(),\n nsecs: 5678,\n};\nuuidv1(v1options); // ⇨ '710b962e-041c-11e1-9234-0123456789ab'\n```\n\n### uuid.v3(name, namespace[, buffer[, offset]])\n\nCreate an RFC version 3 (namespace w/ MD5) UUID\n\nAPI is identical to `v5()`, but uses \"v3\" instead.\n\n⚠️ Note: Per the RFC, \"_If backward compatibility is not an issue, SHA-1 [Version 5] is preferred_.\"\n\n### uuid.v4([options[, buffer[, offset]]])\n\nCreate an RFC version 4 (random) UUID\n\n| | |\n| --- | --- |\n| [`options`] | `Object` with one or more of the following properties: |\n| [`options.random`] | `Array` of 16 random bytes (0-255) |\n| [`options.rng`] | Alternative to `options.random`, a `Function` that returns an `Array` of 16 random bytes (0-255) |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n\nExample:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\n\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nExample using predefined `random` values:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\n\nconst v4options = {\n random: [\n 0x10,\n 0x91,\n 0x56,\n 0xbe,\n 0xc4,\n 0xfb,\n 0xc1,\n 0xea,\n 0x71,\n 0xb4,\n 0xef,\n 0xe1,\n 0x67,\n 0x1c,\n 0x58,\n 0x36,\n ],\n};\nuuidv4(v4options); // ⇨ '109156be-c4fb-41ea-b1b4-efe1671c5836'\n```\n\n### uuid.v5(name, namespace[, buffer[, offset]])\n\nCreate an RFC version 5 (namespace w/ SHA-1) UUID\n\n| | |\n| --- | --- |\n| `name` | `String \\| Array` |\n| `namespace` | `String \\| Array[16]` Namespace UUID |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n\nNote: The RFC `DNS` and `URL` namespaces are available as `v5.DNS` and `v5.URL`.\n\nExample with custom namespace:\n\n```javascript\nimport { v5 as uuidv5 } from 'uuid';\n\n// Define a custom namespace. Readers, create your own using something like\n// https://www.uuidgenerator.net/\nconst MY_NAMESPACE = '1b671a64-40d5-491e-99b0-da01ff1f3341';\n\nuuidv5('Hello, World!', MY_NAMESPACE); // ⇨ '630eb68f-e0fa-5ecc-887a-7c7a62614681'\n```\n\nExample with RFC `URL` namespace:\n\n```javascript\nimport { v5 as uuidv5 } from 'uuid';\n\nuuidv5('https://www.w3.org/', uuidv5.URL); // ⇨ 'c106a26a-21bb-5538-8bf2-57095d1976c1'\n```\n\n### uuid.validate(str)\n\nTest a string to see if it is a valid UUID\n\n| | |\n| --------- | --------------------------------------------------- |\n| `str` | `String` to validate |\n| _returns_ | `true` if string is a valid UUID, `false` otherwise |\n\nExample:\n\n```javascript\nimport { validate as uuidValidate } from 'uuid';\n\nuuidValidate('not a UUID'); // ⇨ false\nuuidValidate('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'); // ⇨ true\n```\n\nUsing `validate` and `version` together it is possible to do per-version validation, e.g. validate for only v4 UUIds.\n\n```javascript\nimport { version as uuidVersion } from 'uuid';\nimport { validate as uuidValidate } from 'uuid';\n\nfunction uuidValidateV4(uuid) {\n return uuidValidate(uuid) && uuidVersion(uuid) === 4;\n}\n\nconst v1Uuid = 'd9428888-122b-11e1-b85c-61cd3cbb3210';\nconst v4Uuid = '109156be-c4fb-41ea-b1b4-efe1671c5836';\n\nuuidValidateV4(v4Uuid); // ⇨ true\nuuidValidateV4(v1Uuid); // ⇨ false\n```\n\n### uuid.version(str)\n\nDetect RFC version of a UUID\n\n| | |\n| --------- | ---------------------------------------- |\n| `str` | A valid UUID `String` |\n| _returns_ | `Number` The RFC version of the UUID |\n| _throws_ | `TypeError` if `str` is not a valid UUID |\n\nExample:\n\n```javascript\nimport { version as uuidVersion } from 'uuid';\n\nuuidVersion('45637ec4-c85f-11ea-87d0-0242ac130003'); // ⇨ 1\nuuidVersion('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'); // ⇨ 4\n```\n\n## Command Line\n\nUUIDs can be generated from the command line using `uuid`.\n\n```shell\n$ uuid\nddeb27fb-d9a0-4624-be4d-4615062daed4\n```\n\nThe default is to generate version 4 UUIDS, however the other versions are supported. Type `uuid --help` for details:\n\n```shell\n$ uuid --help\n\nUsage:\n uuid\n uuid v1\n uuid v3 \n uuid v4\n uuid v5 \n uuid --help\n\nNote: may be \"URL\" or \"DNS\" to use the corresponding UUIDs\ndefined by RFC4122\n```\n\n## ECMAScript Modules\n\nThis library comes with [ECMAScript Modules](https://www.ecma-international.org/ecma-262/6.0/#sec-modules) (ESM) support for Node.js versions that support it ([example](./examples/node-esmodules/)) as well as bundlers like [rollup.js](https://rollupjs.org/guide/en/#tree-shaking) ([example](./examples/browser-rollup/)) and [webpack](https://webpack.js.org/guides/tree-shaking/) ([example](./examples/browser-webpack/)) (targeting both, Node.js and browser environments).\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nTo run the examples you must first create a dist build of this library in the module root:\n\n```shell\nnpm run build\n```\n\n## CDN Builds\n\n### ECMAScript Modules\n\nTo load this module directly into modern browsers that [support loading ECMAScript Modules](https://caniuse.com/#feat=es6-module) you can make use of [jspm](https://jspm.org/):\n\n```html\n\n```\n\n### UMD\n\nTo load this module directly into older browsers you can use the [UMD (Universal Module Definition)](https://github.com/umdjs/umd) builds from any of the following CDNs:\n\n**Using [UNPKG](https://unpkg.com/uuid@latest/dist/umd/)**:\n\n```html\n\n```\n\n**Using [jsDelivr](https://cdn.jsdelivr.net/npm/uuid@latest/dist/umd/)**:\n\n```html\n\n```\n\n**Using [cdnjs](https://cdnjs.com/libraries/uuid)**:\n\n```html\n\n```\n\nThese CDNs all provide the same [`uuidv4()`](#uuidv4options-buffer-offset) method:\n\n```html\n\n```\n\nMethods for the other algorithms ([`uuidv1()`](#uuidv1options-buffer-offset), [`uuidv3()`](#uuidv3name-namespace-buffer-offset) and [`uuidv5()`](#uuidv5name-namespace-buffer-offset)) are available from the files `uuidv1.min.js`, `uuidv3.min.js` and `uuidv5.min.js` respectively.\n\n## \"getRandomValues() not supported\"\n\nThis error occurs in environments where the standard [`crypto.getRandomValues()`](https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues) API is not supported. This issue can be resolved by adding an appropriate polyfill:\n\n### React Native / Expo\n\n1. Install [`react-native-get-random-values`](https://github.com/LinusU/react-native-get-random-values#readme)\n1. Import it _before_ `uuid`. Since `uuid` might also appear as a transitive dependency of some other imports it's safest to just import `react-native-get-random-values` as the very first thing in your entry point:\n\n```javascript\nimport 'react-native-get-random-values';\nimport { v4 as uuidv4 } from 'uuid';\n```\n\nNote: If you are using Expo, you must be using at least `react-native-get-random-values@1.5.0` and `expo@39.0.0`.\n\n### Web Workers / Service Workers (Edge <= 18)\n\n[In Edge <= 18, Web Crypto is not supported in Web Workers or Service Workers](https://caniuse.com/#feat=cryptography) and we are not aware of a polyfill (let us know if you find one, please).\n\n## Upgrading From `uuid@7.x`\n\n### Only Named Exports Supported When Using with Node.js ESM\n\n`uuid@7.x` did not come with native ECMAScript Module (ESM) support for Node.js. Importing it in Node.js ESM consequently imported the CommonJS source with a default export. This library now comes with true Node.js ESM support and only provides named exports.\n\nInstead of doing:\n\n```javascript\nimport uuid from 'uuid';\nuuid.v4();\n```\n\nyou will now have to use the named exports:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4();\n```\n\n### Deep Requires No Longer Supported\n\nDeep requires like `require('uuid/v4')` [which have been deprecated in `uuid@7.x`](#deep-requires-now-deprecated) are no longer supported.\n\n## Upgrading From `uuid@3.x`\n\n\"_Wait... what happened to `uuid@4.x` - `uuid@6.x`?!?_\"\n\nIn order to avoid confusion with RFC [version 4](#uuidv4options-buffer-offset) and [version 5](#uuidv5name-namespace-buffer-offset) UUIDs, and a possible [version 6](http://gh.peabody.io/uuidv6/), releases 4 thru 6 of this module have been skipped.\n\n### Deep Requires Now Deprecated\n\n`uuid@3.x` encouraged the use of deep requires to minimize the bundle size of browser builds:\n\n```javascript\nconst uuidv4 = require('uuid/v4'); // <== NOW DEPRECATED!\nuuidv4();\n```\n\nAs of `uuid@7.x` this library now provides ECMAScript modules builds, which allow packagers like Webpack and Rollup to do \"tree-shaking\" to remove dead code. Instead, use the `import` syntax:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4();\n```\n\n... or for CommonJS:\n\n```javascript\nconst { v4: uuidv4 } = require('uuid');\nuuidv4();\n```\n\n### Default Export Removed\n\n`uuid@3.x` was exporting the Version 4 UUID method as a default export:\n\n```javascript\nconst uuid = require('uuid'); // <== REMOVED!\n```\n\nThis usage pattern was already discouraged in `uuid@3.x` and has been removed in `uuid@7.x`.\n\n----\nMarkdown generated from [README_js.md](README_js.md) by [![RunMD Logo](http://i.imgur.com/h0FVyzU.png)](https://github.com/broofa/runmd)", + "readmeFilename": "README.md", + "_args": "[Circular]", + "dependencies": {}, + "optionalDependencies": "[Circular]", + "_dependencies": "[Circular]", + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "error": "[Circular]", + "extraneous": false, + "_deduped": "uuid" + } + }, + "deprecated": false, + "description": "uuidv4 creates v4 UUIDs.", + "devDependencies": { + "assertthat": "6.4.0", + "roboter": "12.7.1", + "semantic-release-configuration": "2.0.7" + }, + "homepage": "https://github.com/thenativeweb/uuidv4#readme", + "keywords": [ + "guid", + "uuid" + ], + "license": "MIT", + "main": "build/lib/uuidv4.js", + "name": "uuidv4", + "private": false, + "repository": { + "type": "git", + "url": "git://github.com/thenativeweb/uuidv4.git" + }, + "scripts": {}, + "types": "build/lib/uuidv4.d.ts", + "version": "6.2.13", + "readme": "# uuidv4\n\nuuidv4 creates v4 UUIDs.\n\n## Status\n\n| Category | Status |\n| ---------------- | --------------------------------------------------------------------------------------------------- |\n| Version | [![npm](https://img.shields.io/npm/v/uuidv4)](https://www.npmjs.com/package/uuidv4) |\n| Dependencies | ![David](https://img.shields.io/david/thenativeweb/uuidv4) |\n| Dev dependencies | ![David](https://img.shields.io/david/dev/thenativeweb/uuidv4) |\n| Build | ![GitHub Actions](https://github.com/thenativeweb/uuidv4/workflows/Release/badge.svg?branch=main) |\n| License | ![GitHub](https://img.shields.io/github/license/thenativeweb/uuidv4) |\n\n## Please note\n\nThis module will be deprecated in the future in favour of module [uuid](https://www.npmjs.com/package/uuid). Most of the functionality of this module is already included in `uuid` since version `8.3.0`, so most of the functions of this module have already been marked as deprecated.\n\n## Installation\n\n```shell\n$ npm install uuidv4\n```\n\n## Quick start\n\nFirst you need to integrate uuidv4 into your project by using the `require` function:\n\n```javascript\nconst { uuid } = require('uuidv4');\n```\n\nIf you use TypeScript, use the following code instead:\n\n```typescript\nimport { uuid } from 'uuidv4';\n```\n\nThen you can create UUIDs. To do so simply call the `uuid` function:\n\n```javascript\nconsole.log(uuid());\n// => '11bf5b37-e0b8-42e0-8dcf-dc8c4aefc000'\n```\n\n### Verifying a UUID\n\nTo verify whether a given value is a UUID, use the `isUuid` function:\n\n```javascript\nimport { isUuid } from 'uuidv4';\n\nconsole.log(isUuid('75442486-0878-440c-9db1-a7006c25a39f'));\n// => true\n```\n\n_Please note that the `isUuid` function returns `true` for both, `v4` and `v5` UUIDs. In addition, `isUuid` returns `true` for `empty()`._\n\n#### Using a regular expression\n\nIf you want to perform the verification on your own using a regular expression, use the `regex` property, and access its `v4` or `v5` property, depending on what you need:\n\n```javascript\nimport { regex } from 'uuidv4';\n\nconsole.log(regex.v4);\nconsole.log(regex.v5);\n```\n\n_Please note that the regular expressions also consider `empty()` to be a valid UUID._\n\n#### Using a JSON schema\n\nIf you want to perform the verification on your own using a JSON schema, use the `jsonSchema` property, and access its `v4` or `v5` property, depending on what you need:\n\n```javascript\nimport { jsonSchema } from 'uuidv4';\n\nconsole.log(jsonSchema.v4);\nconsole.log(jsonSchema.v5);\n```\n\n_Please note that the JSON schemas also consider `empty()` to be a valid UUID._\n\n### Getting a UUID from a string\n\nFrom time to time you need an identifier that looks like a UUID, but is actually inferred from a string. For that, use the `fromString` function, which returns a UUID `v5`:\n\n```javascript\nimport { fromString } from 'uuidv4';\n\nconsole.log(fromString('the native web'));\n// => 'cdb63720-9628-5ef6-bbca-2e5ce6094f3c'\n```\n\nBy default, the `fromString` function uses a pre-configured namespace. If you want to use your own namespace, provide a UUID as second parameter:\n\n```javascript\nimport { fromString } from 'uuidv4';\n\nconsole.log(fromString('the native web', '004aadf4-8e1a-4450-905b-6039179f52da'));\n// => 'b1c4a89e-4905-5e3c-b57f-dc92627d011e'\n```\n\n### Getting the empty UUID\n\nIf you need a UUID that consists only of zeros, use the `empty` function:\n\n```javascript\nimport { empty } from 'uuidv4';\n\nconsole.log(empty());\n// => '00000000-0000-0000-0000-000000000000'\n```\n\n## Running quality assurance\n\nTo run quality assurance for this module use [roboter](https://www.npmjs.com/package/roboter):\n\n```shell\n$ npx roboter\n```\n", + "readmeFilename": "README.md", + "_optional": true, + "_args": [ + [ + "uuidv4@6.2.13", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project" + ] + ], + "optionalDependencies": {}, + "_dependencies": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuidv4", + "error": "[Circular]", + "extraneous": false + } + }, + "_id": "demo-dev-dependencies@0.0.0", + "_shrinkwrap": { + "name": "demo-dev-dependencies", + "version": "0.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "@types/node": { + "version": "20.12.8", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "dev": true, + "requires": { + "undici-types": "~5.26.4" + } + }, + "@types/uuid": { + "version": "8.3.4", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==" + }, + "undici-types": { + "version": "5.26.5", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "dev": true + }, + "uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==" + }, + "uuidv4": { + "version": "6.2.13", + "resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "optional": true, + "requires": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + } + } + } + }, + "_dependencies": { + "uuidv4": "^6.2.13" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "error": "[Circular]", + "extraneous": false +} diff --git a/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm6_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm6_node22_ubuntu-latest.json new file mode 100644 index 00000000..2584f355 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm6_node22_ubuntu-latest.json @@ -0,0 +1,839 @@ +{ + "name": "demo-dev-dependencies", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "private": true, + "version": "0.0.0", + "license": "Apache-2.0", + "optionalDependencies": { + "uuidv4": "^6.2.13" + }, + "devDependencies": { + "@types/node": ">=16", + "@types/uuid": "^8", + "uuid": "^8" + }, + "readme": "ERROR: No README data found!", + "dependencies": { + "@types/node": { + "_from": "@types/node@>=16", + "_id": "@types/node@20.12.8", + "_integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "_location": "/@types/node", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "@types/node@20.12.8", + "name": "@types/node", + "escapedName": "@types%2fnode", + "scope": "@types", + "rawSpec": "20.12.8", + "saveSpec": null, + "fetchSpec": "20.12.8" + }, + "_requiredBy": [ + "#DEV:/" + ], + "_resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "_shasum": "35897bf2bfe3469847ab04634636de09552e8256", + "_spec": "20.12.8", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "bugs": { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues" + }, + "contributors": [ + { + "name": "Microsoft TypeScript", + "url": "https://github.com/Microsoft" + }, + { + "name": "Alberto Schiabel", + "url": "https://github.com/jkomyno" + }, + { + "name": "Alvis HT Tang", + "url": "https://github.com/alvis" + }, + { + "name": "Andrew Makarov", + "url": "https://github.com/r3nya" + }, + { + "name": "Benjamin Toueg", + "url": "https://github.com/btoueg" + }, + { + "name": "Chigozirim C.", + "url": "https://github.com/smac89" + }, + { + "name": "David Junger", + "url": "https://github.com/touffy" + }, + { + "name": "Deividas Bakanas", + "url": "https://github.com/DeividasBakanas" + }, + { + "name": "Eugene Y. Q. Shen", + "url": "https://github.com/eyqs" + }, + { + "name": "Hannes Magnusson", + "url": "https://github.com/Hannes-Magnusson-CK" + }, + { + "name": "Huw", + "url": "https://github.com/hoo29" + }, + { + "name": "Kelvin Jin", + "url": "https://github.com/kjin" + }, + { + "name": "Klaus Meinhardt", + "url": "https://github.com/ajafff" + }, + { + "name": "Lishude", + "url": "https://github.com/islishude" + }, + { + "name": "Mariusz Wiktorczyk", + "url": "https://github.com/mwiktorczyk" + }, + { + "name": "Mohsen Azimi", + "url": "https://github.com/mohsen1" + }, + { + "name": "Nikita Galkin", + "url": "https://github.com/galkin" + }, + { + "name": "Parambir Singh", + "url": "https://github.com/parambirs" + }, + { + "name": "Sebastian Silbermann", + "url": "https://github.com/eps1lon" + }, + { + "name": "Thomas den Hollander", + "url": "https://github.com/ThomasdenH" + }, + { + "name": "Wilco Bakker", + "url": "https://github.com/WilcoBakker" + }, + { + "name": "wwwy3y3", + "url": "https://github.com/wwwy3y3" + }, + { + "name": "Samuel Ainsworth", + "url": "https://github.com/samuela" + }, + { + "name": "Kyle Uehlein", + "url": "https://github.com/kuehlein" + }, + { + "name": "Thanik Bhongbhibhat", + "url": "https://github.com/bhongy" + }, + { + "name": "Marcin Kopacz", + "url": "https://github.com/chyzwar" + }, + { + "name": "Trivikram Kamat", + "url": "https://github.com/trivikr" + }, + { + "name": "Junxiao Shi", + "url": "https://github.com/yoursunny" + }, + { + "name": "Ilia Baryshnikov", + "url": "https://github.com/qwelias" + }, + { + "name": "ExE Boss", + "url": "https://github.com/ExE-Boss" + }, + { + "name": "Piotr Błażejewicz", + "url": "https://github.com/peterblazejewicz" + }, + { + "name": "Anna Henningsen", + "url": "https://github.com/addaleax" + }, + { + "name": "Victor Perin", + "url": "https://github.com/victorperin" + }, + { + "name": "Yongsheng Zhang", + "url": "https://github.com/ZYSzys" + }, + { + "name": "NodeJS Contributors", + "url": "https://github.com/NodeJS" + }, + { + "name": "Linus Unnebäck", + "url": "https://github.com/LinusU" + }, + { + "name": "wafuwafu13", + "url": "https://github.com/wafuwafu13" + }, + { + "name": "Matteo Collina", + "url": "https://github.com/mcollina" + }, + { + "name": "Dmitry Semigradsky", + "url": "https://github.com/Semigradsky" + } + ], + "dependencies": { + "undici-types": { + "_from": "undici-types@~5.26.4", + "_id": "undici-types@5.26.5", + "_integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "_location": "/undici-types", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "undici-types@5.26.5", + "name": "undici-types", + "escapedName": "undici-types", + "rawSpec": "5.26.5", + "saveSpec": "[Circular]", + "fetchSpec": "5.26.5" + }, + "_requiredBy": [ + "/@types/node" + ], + "_resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "_shasum": "bcd539893d00b56e964fd2657a4866b221a65617", + "_spec": "5.26.5", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "bugs": { + "url": "https://github.com/nodejs/undici/issues" + }, + "contributors": [ + { + "name": "Daniele Belardi", + "url": "https://github.com/dnlup" + }, + { + "name": "Ethan Arrowood", + "url": "https://github.com/ethan-arrowood" + }, + { + "name": "Matteo Collina", + "url": "https://github.com/mcollina" + }, + { + "name": "Matthew Aitken", + "url": "https://github.com/KhafraDev" + }, + { + "name": "Robert Nagy", + "url": "https://github.com/ronag" + }, + { + "name": "Szymon Marczak", + "url": "https://github.com/szmarczak" + }, + { + "name": "Tomas Della Vedova", + "url": "https://github.com/delvedor" + } + ], + "deprecated": false, + "description": "A stand-alone types package for Undici", + "files": [ + "*.d.ts" + ], + "homepage": "https://undici.nodejs.org", + "license": "MIT", + "name": "undici-types", + "repository": { + "type": "git", + "url": "git+https://github.com/nodejs/undici.git" + }, + "types": "index.d.ts", + "version": "5.26.5", + "readme": "# undici-types\n\nThis package is a dual-publish of the [undici](https://www.npmjs.com/package/undici) library types. The `undici` package **still contains types**. This package is for users who _only_ need undici types (such as for `@types/node`). It is published alongside every release of `undici`, so you can always use the same version.\n\n- [GitHub nodejs/undici](https://github.com/nodejs/undici)\n- [Undici Documentation](https://undici.nodejs.org/#/)\n", + "readmeFilename": "README.md", + "_development": true, + "_args": [ + [ + "undici-types@5.26.5", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project" + ] + ], + "dependencies": {}, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/undici-types", + "error": "[Circular]", + "extraneous": false + } + }, + "deprecated": false, + "description": "TypeScript definitions for node", + "homepage": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node", + "license": "MIT", + "main": "", + "name": "@types/node", + "repository": { + "type": "git", + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git", + "directory": "types/node" + }, + "scripts": {}, + "typeScriptVersion": "4.7", + "types": "index.d.ts", + "typesPublisherContentHash": "5ff1c25113c701fc2321b0b620459a659788987291b6c00cde19caf71688f6ae", + "version": "20.12.8", + "readme": "# Installation\r\n> `npm install --save @types/node`\r\n\r\n# Summary\r\nThis package contains type definitions for node (https://nodejs.org/).\r\n\r\n# Details\r\nFiles were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node.\r\n\r\n### Additional Details\r\n * Last updated: Wed, 01 May 2024 18:36:06 GMT\r\n * Dependencies: [undici-types](https://npmjs.com/package/undici-types)\r\n\r\n# Credits\r\nThese definitions were written by [Microsoft TypeScript](https://github.com/Microsoft), [Alberto Schiabel](https://github.com/jkomyno), [Alvis HT Tang](https://github.com/alvis), [Andrew Makarov](https://github.com/r3nya), [Benjamin Toueg](https://github.com/btoueg), [Chigozirim C.](https://github.com/smac89), [David Junger](https://github.com/touffy), [Deividas Bakanas](https://github.com/DeividasBakanas), [Eugene Y. Q. Shen](https://github.com/eyqs), [Hannes Magnusson](https://github.com/Hannes-Magnusson-CK), [Huw](https://github.com/hoo29), [Kelvin Jin](https://github.com/kjin), [Klaus Meinhardt](https://github.com/ajafff), [Lishude](https://github.com/islishude), [Mariusz Wiktorczyk](https://github.com/mwiktorczyk), [Mohsen Azimi](https://github.com/mohsen1), [Nikita Galkin](https://github.com/galkin), [Parambir Singh](https://github.com/parambirs), [Sebastian Silbermann](https://github.com/eps1lon), [Thomas den Hollander](https://github.com/ThomasdenH), [Wilco Bakker](https://github.com/WilcoBakker), [wwwy3y3](https://github.com/wwwy3y3), [Samuel Ainsworth](https://github.com/samuela), [Kyle Uehlein](https://github.com/kuehlein), [Thanik Bhongbhibhat](https://github.com/bhongy), [Marcin Kopacz](https://github.com/chyzwar), [Trivikram Kamat](https://github.com/trivikr), [Junxiao Shi](https://github.com/yoursunny), [Ilia Baryshnikov](https://github.com/qwelias), [ExE Boss](https://github.com/ExE-Boss), [Piotr Błażejewicz](https://github.com/peterblazejewicz), [Anna Henningsen](https://github.com/addaleax), [Victor Perin](https://github.com/victorperin), [Yongsheng Zhang](https://github.com/ZYSzys), [NodeJS Contributors](https://github.com/NodeJS), [Linus Unnebäck](https://github.com/LinusU), [wafuwafu13](https://github.com/wafuwafu13), [Matteo Collina](https://github.com/mcollina), and [Dmitry Semigradsky](https://github.com/Semigradsky).\r\n", + "readmeFilename": "README.md", + "_development": true, + "_args": [ + [ + "@types/node@20.12.8", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project" + ] + ], + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": { + "undici-types": "~5.26.4" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/node", + "error": "[Circular]", + "extraneous": false + }, + "@types/uuid": { + "_from": "@types/uuid@8.3.4", + "_id": "@types/uuid@8.3.4", + "_integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "_location": "/@types/uuid", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "@types/uuid@8.3.4", + "name": "@types/uuid", + "escapedName": "@types%2fuuid", + "scope": "@types", + "rawSpec": "8.3.4", + "saveSpec": "[Circular]", + "fetchSpec": "8.3.4" + }, + "_requiredBy": [ + "#DEV:/", + "/uuidv4" + ], + "_resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "_shasum": "bd86a43617df0594787d38b735f55c805becf1bc", + "_spec": "8.3.4", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "bugs": { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues" + }, + "contributors": [ + { + "name": "Oliver Hoffmann", + "url": "https://github.com/iamolivinius" + }, + { + "name": "Felipe Ochoa", + "url": "https://github.com/felipeochoa" + }, + { + "name": "Chris Barth", + "url": "https://github.com/cjbarth" + }, + { + "name": "Linus Unnebäck", + "url": "https://github.com/LinusU" + }, + { + "name": "Christoph Tavan", + "url": "https://github.com/ctavan" + } + ], + "dependencies": {}, + "deprecated": false, + "description": "TypeScript definitions for uuid", + "exports": { + "./package.json": "./package.json", + ".": { + "types": { + "import": "./index.d.mts", + "default": "./index.d.ts" + } + } + }, + "homepage": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid", + "license": "MIT", + "main": "", + "name": "@types/uuid", + "repository": { + "type": "git", + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git", + "directory": "types/uuid" + }, + "scripts": {}, + "typeScriptVersion": "3.8", + "types": "index.d.ts", + "typesPublisherContentHash": "7bd9cd358e9e4357393eb0163c44f44dc265ab936b456743af6ed3d0d0ac644f", + "version": "8.3.4", + "readme": "# Installation\r\n> `npm install --save @types/uuid`\r\n\r\n# Summary\r\nThis package contains type definitions for uuid (https://github.com/uuidjs/uuid).\r\n\r\n# Details\r\nFiles were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid.\r\n\r\n### Additional Details\r\n * Last updated: Thu, 06 Jan 2022 07:31:27 GMT\r\n * Dependencies: none\r\n * Global values: none\r\n\r\n# Credits\r\nThese definitions were written by [Oliver Hoffmann](https://github.com/iamolivinius), [Felipe Ochoa](https://github.com/felipeochoa), [Chris Barth](https://github.com/cjbarth), [Linus Unnebäck](https://github.com/LinusU), and [Christoph Tavan](https://github.com/ctavan).\r\n", + "readmeFilename": "README.md", + "_args": [ + [ + "@types/uuid@8.3.4", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project" + ] + ], + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "error": "[Circular]", + "extraneous": false + }, + "uuid": { + "_from": "uuid@8.3.2", + "_id": "uuid@8.3.2", + "_integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "_location": "/uuid", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "uuid@8.3.2", + "name": "uuid", + "escapedName": "uuid", + "rawSpec": "8.3.2", + "saveSpec": "[Circular]", + "fetchSpec": "8.3.2" + }, + "_requiredBy": [ + "#DEV:/", + "/uuidv4" + ], + "_resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "_shasum": "80d5b5ced271bb9af6c445f21a1a04c606cefbe2", + "_spec": "8.3.2", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "bin": { + "uuid": "dist/bin/uuid" + }, + "browser": { + "./dist/md5.js": "./dist/md5-browser.js", + "./dist/rng.js": "./dist/rng-browser.js", + "./dist/sha1.js": "./dist/sha1-browser.js", + "./dist/esm-node/index.js": "./dist/esm-browser/index.js" + }, + "bugs": { + "url": "https://github.com/uuidjs/uuid/issues" + }, + "commitlint": { + "extends": [ + "@commitlint/config-conventional" + ] + }, + "deprecated": false, + "description": "RFC4122 (v1, v4, and v5) UUIDs", + "devDependencies": { + "@babel/cli": "7.11.6", + "@babel/core": "7.11.6", + "@babel/preset-env": "7.11.5", + "@commitlint/cli": "11.0.0", + "@commitlint/config-conventional": "11.0.0", + "@rollup/plugin-node-resolve": "9.0.0", + "babel-eslint": "10.1.0", + "bundlewatch": "0.3.1", + "eslint": "7.10.0", + "eslint-config-prettier": "6.12.0", + "eslint-config-standard": "14.1.1", + "eslint-plugin-import": "2.22.1", + "eslint-plugin-node": "11.1.0", + "eslint-plugin-prettier": "3.1.4", + "eslint-plugin-promise": "4.2.1", + "eslint-plugin-standard": "4.0.1", + "husky": "4.3.0", + "jest": "25.5.4", + "lint-staged": "10.4.0", + "npm-run-all": "4.1.5", + "optional-dev-dependency": "2.0.1", + "prettier": "2.1.2", + "random-seed": "0.3.0", + "rollup": "2.28.2", + "rollup-plugin-terser": "7.0.2", + "runmd": "1.3.2", + "standard-version": "9.0.0" + }, + "exports": { + ".": { + "node": { + "module": "./dist/esm-node/index.js", + "require": "./dist/index.js", + "import": "./wrapper.mjs" + }, + "default": "./dist/esm-browser/index.js" + }, + "./package.json": "./package.json" + }, + "files": [ + "CHANGELOG.md", + "CONTRIBUTING.md", + "LICENSE.md", + "README.md", + "dist", + "wrapper.mjs" + ], + "homepage": "https://github.com/uuidjs/uuid#readme", + "husky": { + "hooks": { + "commit-msg": "commitlint -E HUSKY_GIT_PARAMS", + "pre-commit": "lint-staged" + } + }, + "keywords": [ + "uuid", + "guid", + "rfc4122" + ], + "license": "MIT", + "lint-staged": { + "*.{js,jsx,json,md}": [ + "prettier --write" + ], + "*.{js,jsx}": [ + "eslint --fix" + ] + }, + "main": "./dist/index.js", + "module": "./dist/esm-node/index.js", + "name": "uuid", + "optionalDevDependencies": { + "@wdio/browserstack-service": "6.4.0", + "@wdio/cli": "6.4.0", + "@wdio/jasmine-framework": "6.4.0", + "@wdio/local-runner": "6.4.0", + "@wdio/spec-reporter": "6.4.0", + "@wdio/static-server-service": "6.4.0", + "@wdio/sync": "6.4.0" + }, + "repository": { + "type": "git", + "url": "git+https://github.com/uuidjs/uuid.git" + }, + "scripts": { + "build": "./scripts/build.sh", + "bundlewatch": "npm run pretest:browser && bundlewatch --config bundlewatch.config.json", + "docs": "( node --version | grep -q 'v12' ) && ( npm run build && runmd --output=README.md README_js.md )", + "docs:diff": "npm run docs && git diff --quiet README.md", + "eslint:check": "eslint src/ test/ examples/ *.js", + "eslint:fix": "eslint --fix src/ test/ examples/ *.js", + "examples:browser:rollup:build": "cd examples/browser-rollup && npm install && npm run build", + "examples:browser:webpack:build": "cd examples/browser-webpack && npm install && npm run build", + "examples:node:commonjs:test": "cd examples/node-commonjs && npm install && npm test", + "examples:node:esmodules:test": "cd examples/node-esmodules && npm install && npm test", + "lint": "npm run eslint:check && npm run prettier:check", + "md": "runmd --watch --output=README.md README_js.md", + "prepack": "npm run build", + "pretest": "[ -n $CI ] || npm run build", + "pretest:benchmark": "npm run build", + "pretest:browser": "optional-dev-dependency && npm run build && npm-run-all --parallel examples:browser:**", + "pretest:node": "npm run build", + "prettier:check": "prettier --ignore-path .prettierignore --check '**/*.{js,jsx,json,md}'", + "prettier:fix": "prettier --ignore-path .prettierignore --write '**/*.{js,jsx,json,md}'", + "release": "standard-version --no-verify", + "test": "BABEL_ENV=commonjs node --throw-deprecation node_modules/.bin/jest test/unit/", + "test:benchmark": "cd examples/benchmark && npm install && npm test", + "test:browser": "wdio run ./wdio.conf.js", + "test:node": "npm-run-all --parallel examples:node:**", + "test:pack": "./scripts/testpack.sh" + }, + "sideEffects": false, + "standard-version": { + "scripts": { + "postchangelog": "prettier --write CHANGELOG.md" + } + }, + "version": "8.3.2", + "readme": "\n\n# uuid [![CI](https://github.com/uuidjs/uuid/workflows/CI/badge.svg)](https://github.com/uuidjs/uuid/actions?query=workflow%3ACI) [![Browser](https://github.com/uuidjs/uuid/workflows/Browser/badge.svg)](https://github.com/uuidjs/uuid/actions?query=workflow%3ABrowser)\n\nFor the creation of [RFC4122](http://www.ietf.org/rfc/rfc4122.txt) UUIDs\n\n- **Complete** - Support for RFC4122 version 1, 3, 4, and 5 UUIDs\n- **Cross-platform** - Support for ...\n - CommonJS, [ECMAScript Modules](#ecmascript-modules) and [CDN builds](#cdn-builds)\n - Node 8, 10, 12, 14\n - Chrome, Safari, Firefox, Edge, IE 11 browsers\n - Webpack and rollup.js module bundlers\n - [React Native / Expo](#react-native--expo)\n- **Secure** - Cryptographically-strong random values\n- **Small** - Zero-dependency, small footprint, plays nice with \"tree shaking\" packagers\n- **CLI** - Includes the [`uuid` command line](#command-line) utility\n\n**Upgrading from `uuid@3.x`?** Your code is probably okay, but check out [Upgrading From `uuid@3.x`](#upgrading-from-uuid3x) for details.\n\n## Quickstart\n\nTo create a random UUID...\n\n**1. Install**\n\n```shell\nnpm install uuid\n```\n\n**2. Create a UUID** (ES6 module syntax)\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4(); // ⇨ '9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d'\n```\n\n... or using CommonJS syntax:\n\n```javascript\nconst { v4: uuidv4 } = require('uuid');\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nFor timestamp UUIDs, namespace UUIDs, and other options read on ...\n\n## API Summary\n\n| | | |\n| --- | --- | --- |\n| [`uuid.NIL`](#uuidnil) | The nil UUID string (all zeros) | New in `uuid@8.3` |\n| [`uuid.parse()`](#uuidparsestr) | Convert UUID string to array of bytes | New in `uuid@8.3` |\n| [`uuid.stringify()`](#uuidstringifyarr-offset) | Convert array of bytes to UUID string | New in `uuid@8.3` |\n| [`uuid.v1()`](#uuidv1options-buffer-offset) | Create a version 1 (timestamp) UUID | |\n| [`uuid.v3()`](#uuidv3name-namespace-buffer-offset) | Create a version 3 (namespace w/ MD5) UUID | |\n| [`uuid.v4()`](#uuidv4options-buffer-offset) | Create a version 4 (random) UUID | |\n| [`uuid.v5()`](#uuidv5name-namespace-buffer-offset) | Create a version 5 (namespace w/ SHA-1) UUID | |\n| [`uuid.validate()`](#uuidvalidatestr) | Test a string to see if it is a valid UUID | New in `uuid@8.3` |\n| [`uuid.version()`](#uuidversionstr) | Detect RFC version of a UUID | New in `uuid@8.3` |\n\n## API\n\n### uuid.NIL\n\nThe nil UUID string (all zeros).\n\nExample:\n\n```javascript\nimport { NIL as NIL_UUID } from 'uuid';\n\nNIL_UUID; // ⇨ '00000000-0000-0000-0000-000000000000'\n```\n\n### uuid.parse(str)\n\nConvert UUID string to array of bytes\n\n| | |\n| --------- | ---------------------------------------- |\n| `str` | A valid UUID `String` |\n| _returns_ | `Uint8Array[16]` |\n| _throws_ | `TypeError` if `str` is not a valid UUID |\n\nNote: Ordering of values in the byte arrays used by `parse()` and `stringify()` follows the left ↠ right order of hex-pairs in UUID strings. As shown in the example below.\n\nExample:\n\n```javascript\nimport { parse as uuidParse } from 'uuid';\n\n// Parse a UUID\nconst bytes = uuidParse('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b');\n\n// Convert to hex strings to show byte order (for documentation purposes)\n[...bytes].map((v) => v.toString(16).padStart(2, '0')); // ⇨ \n // [\n // '6e', 'c0', 'bd', '7f',\n // '11', 'c0', '43', 'da',\n // '97', '5e', '2a', '8a',\n // 'd9', 'eb', 'ae', '0b'\n // ]\n```\n\n### uuid.stringify(arr[, offset])\n\nConvert array of bytes to UUID string\n\n| | |\n| -------------- | ---------------------------------------------------------------------------- |\n| `arr` | `Array`-like collection of 16 values (starting from `offset`) between 0-255. |\n| [`offset` = 0] | `Number` Starting index in the Array |\n| _returns_ | `String` |\n| _throws_ | `TypeError` if a valid UUID string cannot be generated |\n\nNote: Ordering of values in the byte arrays used by `parse()` and `stringify()` follows the left ↠ right order of hex-pairs in UUID strings. As shown in the example below.\n\nExample:\n\n```javascript\nimport { stringify as uuidStringify } from 'uuid';\n\nconst uuidBytes = [\n 0x6e,\n 0xc0,\n 0xbd,\n 0x7f,\n 0x11,\n 0xc0,\n 0x43,\n 0xda,\n 0x97,\n 0x5e,\n 0x2a,\n 0x8a,\n 0xd9,\n 0xeb,\n 0xae,\n 0x0b,\n];\n\nuuidStringify(uuidBytes); // ⇨ '6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'\n```\n\n### uuid.v1([options[, buffer[, offset]]])\n\nCreate an RFC version 1 (timestamp) UUID\n\n| | |\n| --- | --- |\n| [`options`] | `Object` with one or more of the following properties: |\n| [`options.node` ] | RFC \"node\" field as an `Array[6]` of byte values (per 4.1.6) |\n| [`options.clockseq`] | RFC \"clock sequence\" as a `Number` between 0 - 0x3fff |\n| [`options.msecs`] | RFC \"timestamp\" field (`Number` of milliseconds, unix epoch) |\n| [`options.nsecs`] | RFC \"timestamp\" field (`Number` of nanseconds to add to `msecs`, should be 0-10,000) |\n| [`options.random`] | `Array` of 16 random bytes (0-255) |\n| [`options.rng`] | Alternative to `options.random`, a `Function` that returns an `Array` of 16 random bytes (0-255) |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n| _throws_ | `Error` if more than 10M UUIDs/sec are requested |\n\nNote: The default [node id](https://tools.ietf.org/html/rfc4122#section-4.1.6) (the last 12 digits in the UUID) is generated once, randomly, on process startup, and then remains unchanged for the duration of the process.\n\nNote: `options.random` and `options.rng` are only meaningful on the very first call to `v1()`, where they may be passed to initialize the internal `node` and `clockseq` fields.\n\nExample:\n\n```javascript\nimport { v1 as uuidv1 } from 'uuid';\n\nuuidv1(); // ⇨ '2c5ea4c0-4067-11e9-8bad-9b1deb4d3b7d'\n```\n\nExample using `options`:\n\n```javascript\nimport { v1 as uuidv1 } from 'uuid';\n\nconst v1options = {\n node: [0x01, 0x23, 0x45, 0x67, 0x89, 0xab],\n clockseq: 0x1234,\n msecs: new Date('2011-11-01').getTime(),\n nsecs: 5678,\n};\nuuidv1(v1options); // ⇨ '710b962e-041c-11e1-9234-0123456789ab'\n```\n\n### uuid.v3(name, namespace[, buffer[, offset]])\n\nCreate an RFC version 3 (namespace w/ MD5) UUID\n\nAPI is identical to `v5()`, but uses \"v3\" instead.\n\n⚠️ Note: Per the RFC, \"_If backward compatibility is not an issue, SHA-1 [Version 5] is preferred_.\"\n\n### uuid.v4([options[, buffer[, offset]]])\n\nCreate an RFC version 4 (random) UUID\n\n| | |\n| --- | --- |\n| [`options`] | `Object` with one or more of the following properties: |\n| [`options.random`] | `Array` of 16 random bytes (0-255) |\n| [`options.rng`] | Alternative to `options.random`, a `Function` that returns an `Array` of 16 random bytes (0-255) |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n\nExample:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\n\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nExample using predefined `random` values:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\n\nconst v4options = {\n random: [\n 0x10,\n 0x91,\n 0x56,\n 0xbe,\n 0xc4,\n 0xfb,\n 0xc1,\n 0xea,\n 0x71,\n 0xb4,\n 0xef,\n 0xe1,\n 0x67,\n 0x1c,\n 0x58,\n 0x36,\n ],\n};\nuuidv4(v4options); // ⇨ '109156be-c4fb-41ea-b1b4-efe1671c5836'\n```\n\n### uuid.v5(name, namespace[, buffer[, offset]])\n\nCreate an RFC version 5 (namespace w/ SHA-1) UUID\n\n| | |\n| --- | --- |\n| `name` | `String \\| Array` |\n| `namespace` | `String \\| Array[16]` Namespace UUID |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n\nNote: The RFC `DNS` and `URL` namespaces are available as `v5.DNS` and `v5.URL`.\n\nExample with custom namespace:\n\n```javascript\nimport { v5 as uuidv5 } from 'uuid';\n\n// Define a custom namespace. Readers, create your own using something like\n// https://www.uuidgenerator.net/\nconst MY_NAMESPACE = '1b671a64-40d5-491e-99b0-da01ff1f3341';\n\nuuidv5('Hello, World!', MY_NAMESPACE); // ⇨ '630eb68f-e0fa-5ecc-887a-7c7a62614681'\n```\n\nExample with RFC `URL` namespace:\n\n```javascript\nimport { v5 as uuidv5 } from 'uuid';\n\nuuidv5('https://www.w3.org/', uuidv5.URL); // ⇨ 'c106a26a-21bb-5538-8bf2-57095d1976c1'\n```\n\n### uuid.validate(str)\n\nTest a string to see if it is a valid UUID\n\n| | |\n| --------- | --------------------------------------------------- |\n| `str` | `String` to validate |\n| _returns_ | `true` if string is a valid UUID, `false` otherwise |\n\nExample:\n\n```javascript\nimport { validate as uuidValidate } from 'uuid';\n\nuuidValidate('not a UUID'); // ⇨ false\nuuidValidate('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'); // ⇨ true\n```\n\nUsing `validate` and `version` together it is possible to do per-version validation, e.g. validate for only v4 UUIds.\n\n```javascript\nimport { version as uuidVersion } from 'uuid';\nimport { validate as uuidValidate } from 'uuid';\n\nfunction uuidValidateV4(uuid) {\n return uuidValidate(uuid) && uuidVersion(uuid) === 4;\n}\n\nconst v1Uuid = 'd9428888-122b-11e1-b85c-61cd3cbb3210';\nconst v4Uuid = '109156be-c4fb-41ea-b1b4-efe1671c5836';\n\nuuidValidateV4(v4Uuid); // ⇨ true\nuuidValidateV4(v1Uuid); // ⇨ false\n```\n\n### uuid.version(str)\n\nDetect RFC version of a UUID\n\n| | |\n| --------- | ---------------------------------------- |\n| `str` | A valid UUID `String` |\n| _returns_ | `Number` The RFC version of the UUID |\n| _throws_ | `TypeError` if `str` is not a valid UUID |\n\nExample:\n\n```javascript\nimport { version as uuidVersion } from 'uuid';\n\nuuidVersion('45637ec4-c85f-11ea-87d0-0242ac130003'); // ⇨ 1\nuuidVersion('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'); // ⇨ 4\n```\n\n## Command Line\n\nUUIDs can be generated from the command line using `uuid`.\n\n```shell\n$ uuid\nddeb27fb-d9a0-4624-be4d-4615062daed4\n```\n\nThe default is to generate version 4 UUIDS, however the other versions are supported. Type `uuid --help` for details:\n\n```shell\n$ uuid --help\n\nUsage:\n uuid\n uuid v1\n uuid v3 \n uuid v4\n uuid v5 \n uuid --help\n\nNote: may be \"URL\" or \"DNS\" to use the corresponding UUIDs\ndefined by RFC4122\n```\n\n## ECMAScript Modules\n\nThis library comes with [ECMAScript Modules](https://www.ecma-international.org/ecma-262/6.0/#sec-modules) (ESM) support for Node.js versions that support it ([example](./examples/node-esmodules/)) as well as bundlers like [rollup.js](https://rollupjs.org/guide/en/#tree-shaking) ([example](./examples/browser-rollup/)) and [webpack](https://webpack.js.org/guides/tree-shaking/) ([example](./examples/browser-webpack/)) (targeting both, Node.js and browser environments).\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nTo run the examples you must first create a dist build of this library in the module root:\n\n```shell\nnpm run build\n```\n\n## CDN Builds\n\n### ECMAScript Modules\n\nTo load this module directly into modern browsers that [support loading ECMAScript Modules](https://caniuse.com/#feat=es6-module) you can make use of [jspm](https://jspm.org/):\n\n```html\n\n```\n\n### UMD\n\nTo load this module directly into older browsers you can use the [UMD (Universal Module Definition)](https://github.com/umdjs/umd) builds from any of the following CDNs:\n\n**Using [UNPKG](https://unpkg.com/uuid@latest/dist/umd/)**:\n\n```html\n\n```\n\n**Using [jsDelivr](https://cdn.jsdelivr.net/npm/uuid@latest/dist/umd/)**:\n\n```html\n\n```\n\n**Using [cdnjs](https://cdnjs.com/libraries/uuid)**:\n\n```html\n\n```\n\nThese CDNs all provide the same [`uuidv4()`](#uuidv4options-buffer-offset) method:\n\n```html\n\n```\n\nMethods for the other algorithms ([`uuidv1()`](#uuidv1options-buffer-offset), [`uuidv3()`](#uuidv3name-namespace-buffer-offset) and [`uuidv5()`](#uuidv5name-namespace-buffer-offset)) are available from the files `uuidv1.min.js`, `uuidv3.min.js` and `uuidv5.min.js` respectively.\n\n## \"getRandomValues() not supported\"\n\nThis error occurs in environments where the standard [`crypto.getRandomValues()`](https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues) API is not supported. This issue can be resolved by adding an appropriate polyfill:\n\n### React Native / Expo\n\n1. Install [`react-native-get-random-values`](https://github.com/LinusU/react-native-get-random-values#readme)\n1. Import it _before_ `uuid`. Since `uuid` might also appear as a transitive dependency of some other imports it's safest to just import `react-native-get-random-values` as the very first thing in your entry point:\n\n```javascript\nimport 'react-native-get-random-values';\nimport { v4 as uuidv4 } from 'uuid';\n```\n\nNote: If you are using Expo, you must be using at least `react-native-get-random-values@1.5.0` and `expo@39.0.0`.\n\n### Web Workers / Service Workers (Edge <= 18)\n\n[In Edge <= 18, Web Crypto is not supported in Web Workers or Service Workers](https://caniuse.com/#feat=cryptography) and we are not aware of a polyfill (let us know if you find one, please).\n\n## Upgrading From `uuid@7.x`\n\n### Only Named Exports Supported When Using with Node.js ESM\n\n`uuid@7.x` did not come with native ECMAScript Module (ESM) support for Node.js. Importing it in Node.js ESM consequently imported the CommonJS source with a default export. This library now comes with true Node.js ESM support and only provides named exports.\n\nInstead of doing:\n\n```javascript\nimport uuid from 'uuid';\nuuid.v4();\n```\n\nyou will now have to use the named exports:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4();\n```\n\n### Deep Requires No Longer Supported\n\nDeep requires like `require('uuid/v4')` [which have been deprecated in `uuid@7.x`](#deep-requires-now-deprecated) are no longer supported.\n\n## Upgrading From `uuid@3.x`\n\n\"_Wait... what happened to `uuid@4.x` - `uuid@6.x`?!?_\"\n\nIn order to avoid confusion with RFC [version 4](#uuidv4options-buffer-offset) and [version 5](#uuidv5name-namespace-buffer-offset) UUIDs, and a possible [version 6](http://gh.peabody.io/uuidv6/), releases 4 thru 6 of this module have been skipped.\n\n### Deep Requires Now Deprecated\n\n`uuid@3.x` encouraged the use of deep requires to minimize the bundle size of browser builds:\n\n```javascript\nconst uuidv4 = require('uuid/v4'); // <== NOW DEPRECATED!\nuuidv4();\n```\n\nAs of `uuid@7.x` this library now provides ECMAScript modules builds, which allow packagers like Webpack and Rollup to do \"tree-shaking\" to remove dead code. Instead, use the `import` syntax:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4();\n```\n\n... or for CommonJS:\n\n```javascript\nconst { v4: uuidv4 } = require('uuid');\nuuidv4();\n```\n\n### Default Export Removed\n\n`uuid@3.x` was exporting the Version 4 UUID method as a default export:\n\n```javascript\nconst uuid = require('uuid'); // <== REMOVED!\n```\n\nThis usage pattern was already discouraged in `uuid@3.x` and has been removed in `uuid@7.x`.\n\n----\nMarkdown generated from [README_js.md](README_js.md) by [![RunMD Logo](http://i.imgur.com/h0FVyzU.png)](https://github.com/broofa/runmd)", + "readmeFilename": "README.md", + "_args": [ + [ + "uuid@8.3.2", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project" + ] + ], + "dependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "error": "[Circular]", + "extraneous": false + }, + "uuidv4": { + "_from": "uuidv4@^6.2.13", + "_id": "uuidv4@6.2.13", + "_integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "_location": "/uuidv4", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "uuidv4@6.2.13", + "name": "uuidv4", + "escapedName": "uuidv4", + "rawSpec": "6.2.13", + "saveSpec": "[Circular]", + "fetchSpec": "6.2.13" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "_shasum": "8f95ec5ef22d1f92c8e5d4c70b735d1c89572cb7", + "_spec": "6.2.13", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "bugs": { + "url": "https://github.com/thenativeweb/uuidv4/issues" + }, + "contributors": [ + { + "name": "Golo Roden", + "email": "golo.roden@thenativeweb.io" + }, + { + "name": "Matthias Wagler", + "email": "matthias.wagler@thenativeweb.io" + }, + { + "name": "Jan-Hendrik Grundhöfer", + "email": "jan-hendrik.grundhoefer@thenativeweb.io" + }, + { + "name": "Sven Eppler", + "email": "sven.eppler@sodgeit.de" + }, + { + "name": "Hannes Leutloff", + "email": "hannes.leutloff@thenativeweb.io" + } + ], + "dependencies": { + "@types/uuid": { + "_from": "@types/uuid@8.3.4", + "_id": "@types/uuid@8.3.4", + "_integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "_location": "/@types/uuid", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "@types/uuid@8.3.4", + "name": "@types/uuid", + "escapedName": "@types%2fuuid", + "scope": "@types", + "rawSpec": "8.3.4", + "saveSpec": "[Circular]", + "fetchSpec": "8.3.4" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "_shasum": "bd86a43617df0594787d38b735f55c805becf1bc", + "_spec": "8.3.4", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "bugs": "[Circular]", + "contributors": "[Circular]", + "dependencies": {}, + "deprecated": false, + "description": "TypeScript definitions for uuid", + "exports": "[Circular]", + "homepage": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid", + "license": "MIT", + "main": "", + "name": "@types/uuid", + "repository": "[Circular]", + "scripts": "[Circular]", + "typeScriptVersion": "3.8", + "types": "index.d.ts", + "typesPublisherContentHash": "7bd9cd358e9e4357393eb0163c44f44dc265ab936b456743af6ed3d0d0ac644f", + "version": "8.3.4", + "readme": "# Installation\r\n> `npm install --save @types/uuid`\r\n\r\n# Summary\r\nThis package contains type definitions for uuid (https://github.com/uuidjs/uuid).\r\n\r\n# Details\r\nFiles were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid.\r\n\r\n### Additional Details\r\n * Last updated: Thu, 06 Jan 2022 07:31:27 GMT\r\n * Dependencies: none\r\n * Global values: none\r\n\r\n# Credits\r\nThese definitions were written by [Oliver Hoffmann](https://github.com/iamolivinius), [Felipe Ochoa](https://github.com/felipeochoa), [Chris Barth](https://github.com/cjbarth), [Linus Unnebäck](https://github.com/LinusU), and [Christoph Tavan](https://github.com/ctavan).\r\n", + "readmeFilename": "README.md", + "_args": "[Circular]", + "devDependencies": "[Circular]", + "optionalDependencies": "[Circular]", + "_dependencies": "[Circular]", + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "error": "[Circular]", + "extraneous": false, + "_deduped": "@types/uuid" + }, + "uuid": { + "_from": "uuid@8.3.2", + "_id": "uuid@8.3.2", + "_integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "_location": "/uuid", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "uuid@8.3.2", + "name": "uuid", + "escapedName": "uuid", + "rawSpec": "8.3.2", + "saveSpec": "[Circular]", + "fetchSpec": "8.3.2" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "_shasum": "80d5b5ced271bb9af6c445f21a1a04c606cefbe2", + "_spec": "8.3.2", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "bin": "[Circular]", + "browser": "[Circular]", + "bugs": "[Circular]", + "commitlint": "[Circular]", + "deprecated": false, + "description": "RFC4122 (v1, v4, and v5) UUIDs", + "devDependencies": "[Circular]", + "exports": "[Circular]", + "files": "[Circular]", + "homepage": "https://github.com/uuidjs/uuid#readme", + "husky": "[Circular]", + "keywords": "[Circular]", + "license": "MIT", + "lint-staged": "[Circular]", + "main": "./dist/index.js", + "module": "./dist/esm-node/index.js", + "name": "uuid", + "optionalDevDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "sideEffects": false, + "standard-version": "[Circular]", + "version": "8.3.2", + "readme": "\n\n# uuid [![CI](https://github.com/uuidjs/uuid/workflows/CI/badge.svg)](https://github.com/uuidjs/uuid/actions?query=workflow%3ACI) [![Browser](https://github.com/uuidjs/uuid/workflows/Browser/badge.svg)](https://github.com/uuidjs/uuid/actions?query=workflow%3ABrowser)\n\nFor the creation of [RFC4122](http://www.ietf.org/rfc/rfc4122.txt) UUIDs\n\n- **Complete** - Support for RFC4122 version 1, 3, 4, and 5 UUIDs\n- **Cross-platform** - Support for ...\n - CommonJS, [ECMAScript Modules](#ecmascript-modules) and [CDN builds](#cdn-builds)\n - Node 8, 10, 12, 14\n - Chrome, Safari, Firefox, Edge, IE 11 browsers\n - Webpack and rollup.js module bundlers\n - [React Native / Expo](#react-native--expo)\n- **Secure** - Cryptographically-strong random values\n- **Small** - Zero-dependency, small footprint, plays nice with \"tree shaking\" packagers\n- **CLI** - Includes the [`uuid` command line](#command-line) utility\n\n**Upgrading from `uuid@3.x`?** Your code is probably okay, but check out [Upgrading From `uuid@3.x`](#upgrading-from-uuid3x) for details.\n\n## Quickstart\n\nTo create a random UUID...\n\n**1. Install**\n\n```shell\nnpm install uuid\n```\n\n**2. Create a UUID** (ES6 module syntax)\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4(); // ⇨ '9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d'\n```\n\n... or using CommonJS syntax:\n\n```javascript\nconst { v4: uuidv4 } = require('uuid');\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nFor timestamp UUIDs, namespace UUIDs, and other options read on ...\n\n## API Summary\n\n| | | |\n| --- | --- | --- |\n| [`uuid.NIL`](#uuidnil) | The nil UUID string (all zeros) | New in `uuid@8.3` |\n| [`uuid.parse()`](#uuidparsestr) | Convert UUID string to array of bytes | New in `uuid@8.3` |\n| [`uuid.stringify()`](#uuidstringifyarr-offset) | Convert array of bytes to UUID string | New in `uuid@8.3` |\n| [`uuid.v1()`](#uuidv1options-buffer-offset) | Create a version 1 (timestamp) UUID | |\n| [`uuid.v3()`](#uuidv3name-namespace-buffer-offset) | Create a version 3 (namespace w/ MD5) UUID | |\n| [`uuid.v4()`](#uuidv4options-buffer-offset) | Create a version 4 (random) UUID | |\n| [`uuid.v5()`](#uuidv5name-namespace-buffer-offset) | Create a version 5 (namespace w/ SHA-1) UUID | |\n| [`uuid.validate()`](#uuidvalidatestr) | Test a string to see if it is a valid UUID | New in `uuid@8.3` |\n| [`uuid.version()`](#uuidversionstr) | Detect RFC version of a UUID | New in `uuid@8.3` |\n\n## API\n\n### uuid.NIL\n\nThe nil UUID string (all zeros).\n\nExample:\n\n```javascript\nimport { NIL as NIL_UUID } from 'uuid';\n\nNIL_UUID; // ⇨ '00000000-0000-0000-0000-000000000000'\n```\n\n### uuid.parse(str)\n\nConvert UUID string to array of bytes\n\n| | |\n| --------- | ---------------------------------------- |\n| `str` | A valid UUID `String` |\n| _returns_ | `Uint8Array[16]` |\n| _throws_ | `TypeError` if `str` is not a valid UUID |\n\nNote: Ordering of values in the byte arrays used by `parse()` and `stringify()` follows the left ↠ right order of hex-pairs in UUID strings. As shown in the example below.\n\nExample:\n\n```javascript\nimport { parse as uuidParse } from 'uuid';\n\n// Parse a UUID\nconst bytes = uuidParse('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b');\n\n// Convert to hex strings to show byte order (for documentation purposes)\n[...bytes].map((v) => v.toString(16).padStart(2, '0')); // ⇨ \n // [\n // '6e', 'c0', 'bd', '7f',\n // '11', 'c0', '43', 'da',\n // '97', '5e', '2a', '8a',\n // 'd9', 'eb', 'ae', '0b'\n // ]\n```\n\n### uuid.stringify(arr[, offset])\n\nConvert array of bytes to UUID string\n\n| | |\n| -------------- | ---------------------------------------------------------------------------- |\n| `arr` | `Array`-like collection of 16 values (starting from `offset`) between 0-255. |\n| [`offset` = 0] | `Number` Starting index in the Array |\n| _returns_ | `String` |\n| _throws_ | `TypeError` if a valid UUID string cannot be generated |\n\nNote: Ordering of values in the byte arrays used by `parse()` and `stringify()` follows the left ↠ right order of hex-pairs in UUID strings. As shown in the example below.\n\nExample:\n\n```javascript\nimport { stringify as uuidStringify } from 'uuid';\n\nconst uuidBytes = [\n 0x6e,\n 0xc0,\n 0xbd,\n 0x7f,\n 0x11,\n 0xc0,\n 0x43,\n 0xda,\n 0x97,\n 0x5e,\n 0x2a,\n 0x8a,\n 0xd9,\n 0xeb,\n 0xae,\n 0x0b,\n];\n\nuuidStringify(uuidBytes); // ⇨ '6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'\n```\n\n### uuid.v1([options[, buffer[, offset]]])\n\nCreate an RFC version 1 (timestamp) UUID\n\n| | |\n| --- | --- |\n| [`options`] | `Object` with one or more of the following properties: |\n| [`options.node` ] | RFC \"node\" field as an `Array[6]` of byte values (per 4.1.6) |\n| [`options.clockseq`] | RFC \"clock sequence\" as a `Number` between 0 - 0x3fff |\n| [`options.msecs`] | RFC \"timestamp\" field (`Number` of milliseconds, unix epoch) |\n| [`options.nsecs`] | RFC \"timestamp\" field (`Number` of nanseconds to add to `msecs`, should be 0-10,000) |\n| [`options.random`] | `Array` of 16 random bytes (0-255) |\n| [`options.rng`] | Alternative to `options.random`, a `Function` that returns an `Array` of 16 random bytes (0-255) |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n| _throws_ | `Error` if more than 10M UUIDs/sec are requested |\n\nNote: The default [node id](https://tools.ietf.org/html/rfc4122#section-4.1.6) (the last 12 digits in the UUID) is generated once, randomly, on process startup, and then remains unchanged for the duration of the process.\n\nNote: `options.random` and `options.rng` are only meaningful on the very first call to `v1()`, where they may be passed to initialize the internal `node` and `clockseq` fields.\n\nExample:\n\n```javascript\nimport { v1 as uuidv1 } from 'uuid';\n\nuuidv1(); // ⇨ '2c5ea4c0-4067-11e9-8bad-9b1deb4d3b7d'\n```\n\nExample using `options`:\n\n```javascript\nimport { v1 as uuidv1 } from 'uuid';\n\nconst v1options = {\n node: [0x01, 0x23, 0x45, 0x67, 0x89, 0xab],\n clockseq: 0x1234,\n msecs: new Date('2011-11-01').getTime(),\n nsecs: 5678,\n};\nuuidv1(v1options); // ⇨ '710b962e-041c-11e1-9234-0123456789ab'\n```\n\n### uuid.v3(name, namespace[, buffer[, offset]])\n\nCreate an RFC version 3 (namespace w/ MD5) UUID\n\nAPI is identical to `v5()`, but uses \"v3\" instead.\n\n⚠️ Note: Per the RFC, \"_If backward compatibility is not an issue, SHA-1 [Version 5] is preferred_.\"\n\n### uuid.v4([options[, buffer[, offset]]])\n\nCreate an RFC version 4 (random) UUID\n\n| | |\n| --- | --- |\n| [`options`] | `Object` with one or more of the following properties: |\n| [`options.random`] | `Array` of 16 random bytes (0-255) |\n| [`options.rng`] | Alternative to `options.random`, a `Function` that returns an `Array` of 16 random bytes (0-255) |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n\nExample:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\n\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nExample using predefined `random` values:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\n\nconst v4options = {\n random: [\n 0x10,\n 0x91,\n 0x56,\n 0xbe,\n 0xc4,\n 0xfb,\n 0xc1,\n 0xea,\n 0x71,\n 0xb4,\n 0xef,\n 0xe1,\n 0x67,\n 0x1c,\n 0x58,\n 0x36,\n ],\n};\nuuidv4(v4options); // ⇨ '109156be-c4fb-41ea-b1b4-efe1671c5836'\n```\n\n### uuid.v5(name, namespace[, buffer[, offset]])\n\nCreate an RFC version 5 (namespace w/ SHA-1) UUID\n\n| | |\n| --- | --- |\n| `name` | `String \\| Array` |\n| `namespace` | `String \\| Array[16]` Namespace UUID |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n\nNote: The RFC `DNS` and `URL` namespaces are available as `v5.DNS` and `v5.URL`.\n\nExample with custom namespace:\n\n```javascript\nimport { v5 as uuidv5 } from 'uuid';\n\n// Define a custom namespace. Readers, create your own using something like\n// https://www.uuidgenerator.net/\nconst MY_NAMESPACE = '1b671a64-40d5-491e-99b0-da01ff1f3341';\n\nuuidv5('Hello, World!', MY_NAMESPACE); // ⇨ '630eb68f-e0fa-5ecc-887a-7c7a62614681'\n```\n\nExample with RFC `URL` namespace:\n\n```javascript\nimport { v5 as uuidv5 } from 'uuid';\n\nuuidv5('https://www.w3.org/', uuidv5.URL); // ⇨ 'c106a26a-21bb-5538-8bf2-57095d1976c1'\n```\n\n### uuid.validate(str)\n\nTest a string to see if it is a valid UUID\n\n| | |\n| --------- | --------------------------------------------------- |\n| `str` | `String` to validate |\n| _returns_ | `true` if string is a valid UUID, `false` otherwise |\n\nExample:\n\n```javascript\nimport { validate as uuidValidate } from 'uuid';\n\nuuidValidate('not a UUID'); // ⇨ false\nuuidValidate('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'); // ⇨ true\n```\n\nUsing `validate` and `version` together it is possible to do per-version validation, e.g. validate for only v4 UUIds.\n\n```javascript\nimport { version as uuidVersion } from 'uuid';\nimport { validate as uuidValidate } from 'uuid';\n\nfunction uuidValidateV4(uuid) {\n return uuidValidate(uuid) && uuidVersion(uuid) === 4;\n}\n\nconst v1Uuid = 'd9428888-122b-11e1-b85c-61cd3cbb3210';\nconst v4Uuid = '109156be-c4fb-41ea-b1b4-efe1671c5836';\n\nuuidValidateV4(v4Uuid); // ⇨ true\nuuidValidateV4(v1Uuid); // ⇨ false\n```\n\n### uuid.version(str)\n\nDetect RFC version of a UUID\n\n| | |\n| --------- | ---------------------------------------- |\n| `str` | A valid UUID `String` |\n| _returns_ | `Number` The RFC version of the UUID |\n| _throws_ | `TypeError` if `str` is not a valid UUID |\n\nExample:\n\n```javascript\nimport { version as uuidVersion } from 'uuid';\n\nuuidVersion('45637ec4-c85f-11ea-87d0-0242ac130003'); // ⇨ 1\nuuidVersion('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'); // ⇨ 4\n```\n\n## Command Line\n\nUUIDs can be generated from the command line using `uuid`.\n\n```shell\n$ uuid\nddeb27fb-d9a0-4624-be4d-4615062daed4\n```\n\nThe default is to generate version 4 UUIDS, however the other versions are supported. Type `uuid --help` for details:\n\n```shell\n$ uuid --help\n\nUsage:\n uuid\n uuid v1\n uuid v3 \n uuid v4\n uuid v5 \n uuid --help\n\nNote: may be \"URL\" or \"DNS\" to use the corresponding UUIDs\ndefined by RFC4122\n```\n\n## ECMAScript Modules\n\nThis library comes with [ECMAScript Modules](https://www.ecma-international.org/ecma-262/6.0/#sec-modules) (ESM) support for Node.js versions that support it ([example](./examples/node-esmodules/)) as well as bundlers like [rollup.js](https://rollupjs.org/guide/en/#tree-shaking) ([example](./examples/browser-rollup/)) and [webpack](https://webpack.js.org/guides/tree-shaking/) ([example](./examples/browser-webpack/)) (targeting both, Node.js and browser environments).\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nTo run the examples you must first create a dist build of this library in the module root:\n\n```shell\nnpm run build\n```\n\n## CDN Builds\n\n### ECMAScript Modules\n\nTo load this module directly into modern browsers that [support loading ECMAScript Modules](https://caniuse.com/#feat=es6-module) you can make use of [jspm](https://jspm.org/):\n\n```html\n\n```\n\n### UMD\n\nTo load this module directly into older browsers you can use the [UMD (Universal Module Definition)](https://github.com/umdjs/umd) builds from any of the following CDNs:\n\n**Using [UNPKG](https://unpkg.com/uuid@latest/dist/umd/)**:\n\n```html\n\n```\n\n**Using [jsDelivr](https://cdn.jsdelivr.net/npm/uuid@latest/dist/umd/)**:\n\n```html\n\n```\n\n**Using [cdnjs](https://cdnjs.com/libraries/uuid)**:\n\n```html\n\n```\n\nThese CDNs all provide the same [`uuidv4()`](#uuidv4options-buffer-offset) method:\n\n```html\n\n```\n\nMethods for the other algorithms ([`uuidv1()`](#uuidv1options-buffer-offset), [`uuidv3()`](#uuidv3name-namespace-buffer-offset) and [`uuidv5()`](#uuidv5name-namespace-buffer-offset)) are available from the files `uuidv1.min.js`, `uuidv3.min.js` and `uuidv5.min.js` respectively.\n\n## \"getRandomValues() not supported\"\n\nThis error occurs in environments where the standard [`crypto.getRandomValues()`](https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues) API is not supported. This issue can be resolved by adding an appropriate polyfill:\n\n### React Native / Expo\n\n1. Install [`react-native-get-random-values`](https://github.com/LinusU/react-native-get-random-values#readme)\n1. Import it _before_ `uuid`. Since `uuid` might also appear as a transitive dependency of some other imports it's safest to just import `react-native-get-random-values` as the very first thing in your entry point:\n\n```javascript\nimport 'react-native-get-random-values';\nimport { v4 as uuidv4 } from 'uuid';\n```\n\nNote: If you are using Expo, you must be using at least `react-native-get-random-values@1.5.0` and `expo@39.0.0`.\n\n### Web Workers / Service Workers (Edge <= 18)\n\n[In Edge <= 18, Web Crypto is not supported in Web Workers or Service Workers](https://caniuse.com/#feat=cryptography) and we are not aware of a polyfill (let us know if you find one, please).\n\n## Upgrading From `uuid@7.x`\n\n### Only Named Exports Supported When Using with Node.js ESM\n\n`uuid@7.x` did not come with native ECMAScript Module (ESM) support for Node.js. Importing it in Node.js ESM consequently imported the CommonJS source with a default export. This library now comes with true Node.js ESM support and only provides named exports.\n\nInstead of doing:\n\n```javascript\nimport uuid from 'uuid';\nuuid.v4();\n```\n\nyou will now have to use the named exports:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4();\n```\n\n### Deep Requires No Longer Supported\n\nDeep requires like `require('uuid/v4')` [which have been deprecated in `uuid@7.x`](#deep-requires-now-deprecated) are no longer supported.\n\n## Upgrading From `uuid@3.x`\n\n\"_Wait... what happened to `uuid@4.x` - `uuid@6.x`?!?_\"\n\nIn order to avoid confusion with RFC [version 4](#uuidv4options-buffer-offset) and [version 5](#uuidv5name-namespace-buffer-offset) UUIDs, and a possible [version 6](http://gh.peabody.io/uuidv6/), releases 4 thru 6 of this module have been skipped.\n\n### Deep Requires Now Deprecated\n\n`uuid@3.x` encouraged the use of deep requires to minimize the bundle size of browser builds:\n\n```javascript\nconst uuidv4 = require('uuid/v4'); // <== NOW DEPRECATED!\nuuidv4();\n```\n\nAs of `uuid@7.x` this library now provides ECMAScript modules builds, which allow packagers like Webpack and Rollup to do \"tree-shaking\" to remove dead code. Instead, use the `import` syntax:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4();\n```\n\n... or for CommonJS:\n\n```javascript\nconst { v4: uuidv4 } = require('uuid');\nuuidv4();\n```\n\n### Default Export Removed\n\n`uuid@3.x` was exporting the Version 4 UUID method as a default export:\n\n```javascript\nconst uuid = require('uuid'); // <== REMOVED!\n```\n\nThis usage pattern was already discouraged in `uuid@3.x` and has been removed in `uuid@7.x`.\n\n----\nMarkdown generated from [README_js.md](README_js.md) by [![RunMD Logo](http://i.imgur.com/h0FVyzU.png)](https://github.com/broofa/runmd)", + "readmeFilename": "README.md", + "_args": "[Circular]", + "dependencies": {}, + "optionalDependencies": "[Circular]", + "_dependencies": "[Circular]", + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "error": "[Circular]", + "extraneous": false, + "_deduped": "uuid" + } + }, + "deprecated": false, + "description": "uuidv4 creates v4 UUIDs.", + "devDependencies": { + "assertthat": "6.4.0", + "roboter": "12.7.1", + "semantic-release-configuration": "2.0.7" + }, + "homepage": "https://github.com/thenativeweb/uuidv4#readme", + "keywords": [ + "guid", + "uuid" + ], + "license": "MIT", + "main": "build/lib/uuidv4.js", + "name": "uuidv4", + "private": false, + "repository": { + "type": "git", + "url": "git://github.com/thenativeweb/uuidv4.git" + }, + "scripts": {}, + "types": "build/lib/uuidv4.d.ts", + "version": "6.2.13", + "readme": "# uuidv4\n\nuuidv4 creates v4 UUIDs.\n\n## Status\n\n| Category | Status |\n| ---------------- | --------------------------------------------------------------------------------------------------- |\n| Version | [![npm](https://img.shields.io/npm/v/uuidv4)](https://www.npmjs.com/package/uuidv4) |\n| Dependencies | ![David](https://img.shields.io/david/thenativeweb/uuidv4) |\n| Dev dependencies | ![David](https://img.shields.io/david/dev/thenativeweb/uuidv4) |\n| Build | ![GitHub Actions](https://github.com/thenativeweb/uuidv4/workflows/Release/badge.svg?branch=main) |\n| License | ![GitHub](https://img.shields.io/github/license/thenativeweb/uuidv4) |\n\n## Please note\n\nThis module will be deprecated in the future in favour of module [uuid](https://www.npmjs.com/package/uuid). Most of the functionality of this module is already included in `uuid` since version `8.3.0`, so most of the functions of this module have already been marked as deprecated.\n\n## Installation\n\n```shell\n$ npm install uuidv4\n```\n\n## Quick start\n\nFirst you need to integrate uuidv4 into your project by using the `require` function:\n\n```javascript\nconst { uuid } = require('uuidv4');\n```\n\nIf you use TypeScript, use the following code instead:\n\n```typescript\nimport { uuid } from 'uuidv4';\n```\n\nThen you can create UUIDs. To do so simply call the `uuid` function:\n\n```javascript\nconsole.log(uuid());\n// => '11bf5b37-e0b8-42e0-8dcf-dc8c4aefc000'\n```\n\n### Verifying a UUID\n\nTo verify whether a given value is a UUID, use the `isUuid` function:\n\n```javascript\nimport { isUuid } from 'uuidv4';\n\nconsole.log(isUuid('75442486-0878-440c-9db1-a7006c25a39f'));\n// => true\n```\n\n_Please note that the `isUuid` function returns `true` for both, `v4` and `v5` UUIDs. In addition, `isUuid` returns `true` for `empty()`._\n\n#### Using a regular expression\n\nIf you want to perform the verification on your own using a regular expression, use the `regex` property, and access its `v4` or `v5` property, depending on what you need:\n\n```javascript\nimport { regex } from 'uuidv4';\n\nconsole.log(regex.v4);\nconsole.log(regex.v5);\n```\n\n_Please note that the regular expressions also consider `empty()` to be a valid UUID._\n\n#### Using a JSON schema\n\nIf you want to perform the verification on your own using a JSON schema, use the `jsonSchema` property, and access its `v4` or `v5` property, depending on what you need:\n\n```javascript\nimport { jsonSchema } from 'uuidv4';\n\nconsole.log(jsonSchema.v4);\nconsole.log(jsonSchema.v5);\n```\n\n_Please note that the JSON schemas also consider `empty()` to be a valid UUID._\n\n### Getting a UUID from a string\n\nFrom time to time you need an identifier that looks like a UUID, but is actually inferred from a string. For that, use the `fromString` function, which returns a UUID `v5`:\n\n```javascript\nimport { fromString } from 'uuidv4';\n\nconsole.log(fromString('the native web'));\n// => 'cdb63720-9628-5ef6-bbca-2e5ce6094f3c'\n```\n\nBy default, the `fromString` function uses a pre-configured namespace. If you want to use your own namespace, provide a UUID as second parameter:\n\n```javascript\nimport { fromString } from 'uuidv4';\n\nconsole.log(fromString('the native web', '004aadf4-8e1a-4450-905b-6039179f52da'));\n// => 'b1c4a89e-4905-5e3c-b57f-dc92627d011e'\n```\n\n### Getting the empty UUID\n\nIf you need a UUID that consists only of zeros, use the `empty` function:\n\n```javascript\nimport { empty } from 'uuidv4';\n\nconsole.log(empty());\n// => '00000000-0000-0000-0000-000000000000'\n```\n\n## Running quality assurance\n\nTo run quality assurance for this module use [roboter](https://www.npmjs.com/package/roboter):\n\n```shell\n$ npx roboter\n```\n", + "readmeFilename": "README.md", + "_optional": true, + "_args": [ + [ + "uuidv4@6.2.13", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project" + ] + ], + "optionalDependencies": {}, + "_dependencies": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuidv4", + "error": "[Circular]", + "extraneous": false + } + }, + "_id": "demo-dev-dependencies@0.0.0", + "_shrinkwrap": { + "name": "demo-dev-dependencies", + "version": "0.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "@types/node": { + "version": "20.12.8", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "dev": true, + "requires": { + "undici-types": "~5.26.4" + } + }, + "@types/uuid": { + "version": "8.3.4", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==" + }, + "undici-types": { + "version": "5.26.5", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "dev": true + }, + "uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==" + }, + "uuidv4": { + "version": "6.2.13", + "resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "optional": true, + "requires": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + } + } + } + }, + "_dependencies": { + "uuidv4": "^6.2.13" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "error": "[Circular]", + "extraneous": false +} diff --git a/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm6_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm6_node22_windows-latest.json new file mode 100644 index 00000000..e03e8319 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm6_node22_windows-latest.json @@ -0,0 +1,839 @@ +{ + "name": "demo-dev-dependencies", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "private": true, + "version": "0.0.0", + "license": "Apache-2.0", + "optionalDependencies": { + "uuidv4": "^6.2.13" + }, + "devDependencies": { + "@types/node": ">=16", + "@types/uuid": "^8", + "uuid": "^8" + }, + "readme": "ERROR: No README data found!", + "dependencies": { + "@types/node": { + "_from": "@types/node@>=16", + "_id": "@types/node@20.12.8", + "_integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "_location": "/@types/node", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "@types/node@20.12.8", + "name": "@types/node", + "escapedName": "@types%2fnode", + "scope": "@types", + "rawSpec": "20.12.8", + "saveSpec": null, + "fetchSpec": "20.12.8" + }, + "_requiredBy": [ + "#DEV:/" + ], + "_resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "_shasum": "35897bf2bfe3469847ab04634636de09552e8256", + "_spec": "20.12.8", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project", + "bugs": { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues" + }, + "contributors": [ + { + "name": "Microsoft TypeScript", + "url": "https://github.com/Microsoft" + }, + { + "name": "Alberto Schiabel", + "url": "https://github.com/jkomyno" + }, + { + "name": "Alvis HT Tang", + "url": "https://github.com/alvis" + }, + { + "name": "Andrew Makarov", + "url": "https://github.com/r3nya" + }, + { + "name": "Benjamin Toueg", + "url": "https://github.com/btoueg" + }, + { + "name": "Chigozirim C.", + "url": "https://github.com/smac89" + }, + { + "name": "David Junger", + "url": "https://github.com/touffy" + }, + { + "name": "Deividas Bakanas", + "url": "https://github.com/DeividasBakanas" + }, + { + "name": "Eugene Y. Q. Shen", + "url": "https://github.com/eyqs" + }, + { + "name": "Hannes Magnusson", + "url": "https://github.com/Hannes-Magnusson-CK" + }, + { + "name": "Huw", + "url": "https://github.com/hoo29" + }, + { + "name": "Kelvin Jin", + "url": "https://github.com/kjin" + }, + { + "name": "Klaus Meinhardt", + "url": "https://github.com/ajafff" + }, + { + "name": "Lishude", + "url": "https://github.com/islishude" + }, + { + "name": "Mariusz Wiktorczyk", + "url": "https://github.com/mwiktorczyk" + }, + { + "name": "Mohsen Azimi", + "url": "https://github.com/mohsen1" + }, + { + "name": "Nikita Galkin", + "url": "https://github.com/galkin" + }, + { + "name": "Parambir Singh", + "url": "https://github.com/parambirs" + }, + { + "name": "Sebastian Silbermann", + "url": "https://github.com/eps1lon" + }, + { + "name": "Thomas den Hollander", + "url": "https://github.com/ThomasdenH" + }, + { + "name": "Wilco Bakker", + "url": "https://github.com/WilcoBakker" + }, + { + "name": "wwwy3y3", + "url": "https://github.com/wwwy3y3" + }, + { + "name": "Samuel Ainsworth", + "url": "https://github.com/samuela" + }, + { + "name": "Kyle Uehlein", + "url": "https://github.com/kuehlein" + }, + { + "name": "Thanik Bhongbhibhat", + "url": "https://github.com/bhongy" + }, + { + "name": "Marcin Kopacz", + "url": "https://github.com/chyzwar" + }, + { + "name": "Trivikram Kamat", + "url": "https://github.com/trivikr" + }, + { + "name": "Junxiao Shi", + "url": "https://github.com/yoursunny" + }, + { + "name": "Ilia Baryshnikov", + "url": "https://github.com/qwelias" + }, + { + "name": "ExE Boss", + "url": "https://github.com/ExE-Boss" + }, + { + "name": "Piotr Błażejewicz", + "url": "https://github.com/peterblazejewicz" + }, + { + "name": "Anna Henningsen", + "url": "https://github.com/addaleax" + }, + { + "name": "Victor Perin", + "url": "https://github.com/victorperin" + }, + { + "name": "Yongsheng Zhang", + "url": "https://github.com/ZYSzys" + }, + { + "name": "NodeJS Contributors", + "url": "https://github.com/NodeJS" + }, + { + "name": "Linus Unnebäck", + "url": "https://github.com/LinusU" + }, + { + "name": "wafuwafu13", + "url": "https://github.com/wafuwafu13" + }, + { + "name": "Matteo Collina", + "url": "https://github.com/mcollina" + }, + { + "name": "Dmitry Semigradsky", + "url": "https://github.com/Semigradsky" + } + ], + "dependencies": { + "undici-types": { + "_from": "undici-types@~5.26.4", + "_id": "undici-types@5.26.5", + "_integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "_location": "/undici-types", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "undici-types@5.26.5", + "name": "undici-types", + "escapedName": "undici-types", + "rawSpec": "5.26.5", + "saveSpec": "[Circular]", + "fetchSpec": "5.26.5" + }, + "_requiredBy": [ + "/@types/node" + ], + "_resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "_shasum": "bcd539893d00b56e964fd2657a4866b221a65617", + "_spec": "5.26.5", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project", + "bugs": { + "url": "https://github.com/nodejs/undici/issues" + }, + "contributors": [ + { + "name": "Daniele Belardi", + "url": "https://github.com/dnlup" + }, + { + "name": "Ethan Arrowood", + "url": "https://github.com/ethan-arrowood" + }, + { + "name": "Matteo Collina", + "url": "https://github.com/mcollina" + }, + { + "name": "Matthew Aitken", + "url": "https://github.com/KhafraDev" + }, + { + "name": "Robert Nagy", + "url": "https://github.com/ronag" + }, + { + "name": "Szymon Marczak", + "url": "https://github.com/szmarczak" + }, + { + "name": "Tomas Della Vedova", + "url": "https://github.com/delvedor" + } + ], + "deprecated": false, + "description": "A stand-alone types package for Undici", + "files": [ + "*.d.ts" + ], + "homepage": "https://undici.nodejs.org", + "license": "MIT", + "name": "undici-types", + "repository": { + "type": "git", + "url": "git+https://github.com/nodejs/undici.git" + }, + "types": "index.d.ts", + "version": "5.26.5", + "readme": "# undici-types\n\nThis package is a dual-publish of the [undici](https://www.npmjs.com/package/undici) library types. The `undici` package **still contains types**. This package is for users who _only_ need undici types (such as for `@types/node`). It is published alongside every release of `undici`, so you can always use the same version.\n\n- [GitHub nodejs/undici](https://github.com/nodejs/undici)\n- [Undici Documentation](https://undici.nodejs.org/#/)\n", + "readmeFilename": "README.md", + "_development": true, + "_args": [ + [ + "undici-types@5.26.5", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project" + ] + ], + "dependencies": {}, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\undici-types", + "error": "[Circular]", + "extraneous": false + } + }, + "deprecated": false, + "description": "TypeScript definitions for node", + "homepage": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node", + "license": "MIT", + "main": "", + "name": "@types/node", + "repository": { + "type": "git", + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git", + "directory": "types/node" + }, + "scripts": {}, + "typeScriptVersion": "4.7", + "types": "index.d.ts", + "typesPublisherContentHash": "5ff1c25113c701fc2321b0b620459a659788987291b6c00cde19caf71688f6ae", + "version": "20.12.8", + "readme": "# Installation\r\n> `npm install --save @types/node`\r\n\r\n# Summary\r\nThis package contains type definitions for node (https://nodejs.org/).\r\n\r\n# Details\r\nFiles were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node.\r\n\r\n### Additional Details\r\n * Last updated: Wed, 01 May 2024 18:36:06 GMT\r\n * Dependencies: [undici-types](https://npmjs.com/package/undici-types)\r\n\r\n# Credits\r\nThese definitions were written by [Microsoft TypeScript](https://github.com/Microsoft), [Alberto Schiabel](https://github.com/jkomyno), [Alvis HT Tang](https://github.com/alvis), [Andrew Makarov](https://github.com/r3nya), [Benjamin Toueg](https://github.com/btoueg), [Chigozirim C.](https://github.com/smac89), [David Junger](https://github.com/touffy), [Deividas Bakanas](https://github.com/DeividasBakanas), [Eugene Y. Q. Shen](https://github.com/eyqs), [Hannes Magnusson](https://github.com/Hannes-Magnusson-CK), [Huw](https://github.com/hoo29), [Kelvin Jin](https://github.com/kjin), [Klaus Meinhardt](https://github.com/ajafff), [Lishude](https://github.com/islishude), [Mariusz Wiktorczyk](https://github.com/mwiktorczyk), [Mohsen Azimi](https://github.com/mohsen1), [Nikita Galkin](https://github.com/galkin), [Parambir Singh](https://github.com/parambirs), [Sebastian Silbermann](https://github.com/eps1lon), [Thomas den Hollander](https://github.com/ThomasdenH), [Wilco Bakker](https://github.com/WilcoBakker), [wwwy3y3](https://github.com/wwwy3y3), [Samuel Ainsworth](https://github.com/samuela), [Kyle Uehlein](https://github.com/kuehlein), [Thanik Bhongbhibhat](https://github.com/bhongy), [Marcin Kopacz](https://github.com/chyzwar), [Trivikram Kamat](https://github.com/trivikr), [Junxiao Shi](https://github.com/yoursunny), [Ilia Baryshnikov](https://github.com/qwelias), [ExE Boss](https://github.com/ExE-Boss), [Piotr Błażejewicz](https://github.com/peterblazejewicz), [Anna Henningsen](https://github.com/addaleax), [Victor Perin](https://github.com/victorperin), [Yongsheng Zhang](https://github.com/ZYSzys), [NodeJS Contributors](https://github.com/NodeJS), [Linus Unnebäck](https://github.com/LinusU), [wafuwafu13](https://github.com/wafuwafu13), [Matteo Collina](https://github.com/mcollina), and [Dmitry Semigradsky](https://github.com/Semigradsky).\r\n", + "readmeFilename": "README.md", + "_development": true, + "_args": [ + [ + "@types/node@20.12.8", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project" + ] + ], + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": { + "undici-types": "~5.26.4" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\@types\\node", + "error": "[Circular]", + "extraneous": false + }, + "@types/uuid": { + "_from": "@types/uuid@8.3.4", + "_id": "@types/uuid@8.3.4", + "_integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "_location": "/@types/uuid", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "@types/uuid@8.3.4", + "name": "@types/uuid", + "escapedName": "@types%2fuuid", + "scope": "@types", + "rawSpec": "8.3.4", + "saveSpec": "[Circular]", + "fetchSpec": "8.3.4" + }, + "_requiredBy": [ + "#DEV:/", + "/uuidv4" + ], + "_resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "_shasum": "bd86a43617df0594787d38b735f55c805becf1bc", + "_spec": "8.3.4", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project", + "bugs": { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues" + }, + "contributors": [ + { + "name": "Oliver Hoffmann", + "url": "https://github.com/iamolivinius" + }, + { + "name": "Felipe Ochoa", + "url": "https://github.com/felipeochoa" + }, + { + "name": "Chris Barth", + "url": "https://github.com/cjbarth" + }, + { + "name": "Linus Unnebäck", + "url": "https://github.com/LinusU" + }, + { + "name": "Christoph Tavan", + "url": "https://github.com/ctavan" + } + ], + "dependencies": {}, + "deprecated": false, + "description": "TypeScript definitions for uuid", + "exports": { + "./package.json": "./package.json", + ".": { + "types": { + "import": "./index.d.mts", + "default": "./index.d.ts" + } + } + }, + "homepage": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid", + "license": "MIT", + "main": "", + "name": "@types/uuid", + "repository": { + "type": "git", + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git", + "directory": "types/uuid" + }, + "scripts": {}, + "typeScriptVersion": "3.8", + "types": "index.d.ts", + "typesPublisherContentHash": "7bd9cd358e9e4357393eb0163c44f44dc265ab936b456743af6ed3d0d0ac644f", + "version": "8.3.4", + "readme": "# Installation\r\n> `npm install --save @types/uuid`\r\n\r\n# Summary\r\nThis package contains type definitions for uuid (https://github.com/uuidjs/uuid).\r\n\r\n# Details\r\nFiles were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid.\r\n\r\n### Additional Details\r\n * Last updated: Thu, 06 Jan 2022 07:31:27 GMT\r\n * Dependencies: none\r\n * Global values: none\r\n\r\n# Credits\r\nThese definitions were written by [Oliver Hoffmann](https://github.com/iamolivinius), [Felipe Ochoa](https://github.com/felipeochoa), [Chris Barth](https://github.com/cjbarth), [Linus Unnebäck](https://github.com/LinusU), and [Christoph Tavan](https://github.com/ctavan).\r\n", + "readmeFilename": "README.md", + "_args": [ + [ + "@types/uuid@8.3.4", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project" + ] + ], + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\@types\\uuid", + "error": "[Circular]", + "extraneous": false + }, + "uuid": { + "_from": "uuid@8.3.2", + "_id": "uuid@8.3.2", + "_integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "_location": "/uuid", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "uuid@8.3.2", + "name": "uuid", + "escapedName": "uuid", + "rawSpec": "8.3.2", + "saveSpec": "[Circular]", + "fetchSpec": "8.3.2" + }, + "_requiredBy": [ + "#DEV:/", + "/uuidv4" + ], + "_resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "_shasum": "80d5b5ced271bb9af6c445f21a1a04c606cefbe2", + "_spec": "8.3.2", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project", + "bin": { + "uuid": "dist/bin/uuid" + }, + "browser": { + "./dist/md5.js": "./dist/md5-browser.js", + "./dist/rng.js": "./dist/rng-browser.js", + "./dist/sha1.js": "./dist/sha1-browser.js", + "./dist/esm-node/index.js": "./dist/esm-browser/index.js" + }, + "bugs": { + "url": "https://github.com/uuidjs/uuid/issues" + }, + "commitlint": { + "extends": [ + "@commitlint/config-conventional" + ] + }, + "deprecated": false, + "description": "RFC4122 (v1, v4, and v5) UUIDs", + "devDependencies": { + "@babel/cli": "7.11.6", + "@babel/core": "7.11.6", + "@babel/preset-env": "7.11.5", + "@commitlint/cli": "11.0.0", + "@commitlint/config-conventional": "11.0.0", + "@rollup/plugin-node-resolve": "9.0.0", + "babel-eslint": "10.1.0", + "bundlewatch": "0.3.1", + "eslint": "7.10.0", + "eslint-config-prettier": "6.12.0", + "eslint-config-standard": "14.1.1", + "eslint-plugin-import": "2.22.1", + "eslint-plugin-node": "11.1.0", + "eslint-plugin-prettier": "3.1.4", + "eslint-plugin-promise": "4.2.1", + "eslint-plugin-standard": "4.0.1", + "husky": "4.3.0", + "jest": "25.5.4", + "lint-staged": "10.4.0", + "npm-run-all": "4.1.5", + "optional-dev-dependency": "2.0.1", + "prettier": "2.1.2", + "random-seed": "0.3.0", + "rollup": "2.28.2", + "rollup-plugin-terser": "7.0.2", + "runmd": "1.3.2", + "standard-version": "9.0.0" + }, + "exports": { + ".": { + "node": { + "module": "./dist/esm-node/index.js", + "require": "./dist/index.js", + "import": "./wrapper.mjs" + }, + "default": "./dist/esm-browser/index.js" + }, + "./package.json": "./package.json" + }, + "files": [ + "CHANGELOG.md", + "CONTRIBUTING.md", + "LICENSE.md", + "README.md", + "dist", + "wrapper.mjs" + ], + "homepage": "https://github.com/uuidjs/uuid#readme", + "husky": { + "hooks": { + "commit-msg": "commitlint -E HUSKY_GIT_PARAMS", + "pre-commit": "lint-staged" + } + }, + "keywords": [ + "uuid", + "guid", + "rfc4122" + ], + "license": "MIT", + "lint-staged": { + "*.{js,jsx,json,md}": [ + "prettier --write" + ], + "*.{js,jsx}": [ + "eslint --fix" + ] + }, + "main": "./dist/index.js", + "module": "./dist/esm-node/index.js", + "name": "uuid", + "optionalDevDependencies": { + "@wdio/browserstack-service": "6.4.0", + "@wdio/cli": "6.4.0", + "@wdio/jasmine-framework": "6.4.0", + "@wdio/local-runner": "6.4.0", + "@wdio/spec-reporter": "6.4.0", + "@wdio/static-server-service": "6.4.0", + "@wdio/sync": "6.4.0" + }, + "repository": { + "type": "git", + "url": "git+https://github.com/uuidjs/uuid.git" + }, + "scripts": { + "build": "./scripts/build.sh", + "bundlewatch": "npm run pretest:browser && bundlewatch --config bundlewatch.config.json", + "docs": "( node --version | grep -q 'v12' ) && ( npm run build && runmd --output=README.md README_js.md )", + "docs:diff": "npm run docs && git diff --quiet README.md", + "eslint:check": "eslint src/ test/ examples/ *.js", + "eslint:fix": "eslint --fix src/ test/ examples/ *.js", + "examples:browser:rollup:build": "cd examples/browser-rollup && npm install && npm run build", + "examples:browser:webpack:build": "cd examples/browser-webpack && npm install && npm run build", + "examples:node:commonjs:test": "cd examples/node-commonjs && npm install && npm test", + "examples:node:esmodules:test": "cd examples/node-esmodules && npm install && npm test", + "lint": "npm run eslint:check && npm run prettier:check", + "md": "runmd --watch --output=README.md README_js.md", + "prepack": "npm run build", + "pretest": "[ -n $CI ] || npm run build", + "pretest:benchmark": "npm run build", + "pretest:browser": "optional-dev-dependency && npm run build && npm-run-all --parallel examples:browser:**", + "pretest:node": "npm run build", + "prettier:check": "prettier --ignore-path .prettierignore --check '**/*.{js,jsx,json,md}'", + "prettier:fix": "prettier --ignore-path .prettierignore --write '**/*.{js,jsx,json,md}'", + "release": "standard-version --no-verify", + "test": "BABEL_ENV=commonjs node --throw-deprecation node_modules/.bin/jest test/unit/", + "test:benchmark": "cd examples/benchmark && npm install && npm test", + "test:browser": "wdio run ./wdio.conf.js", + "test:node": "npm-run-all --parallel examples:node:**", + "test:pack": "./scripts/testpack.sh" + }, + "sideEffects": false, + "standard-version": { + "scripts": { + "postchangelog": "prettier --write CHANGELOG.md" + } + }, + "version": "8.3.2", + "readme": "\n\n# uuid [![CI](https://github.com/uuidjs/uuid/workflows/CI/badge.svg)](https://github.com/uuidjs/uuid/actions?query=workflow%3ACI) [![Browser](https://github.com/uuidjs/uuid/workflows/Browser/badge.svg)](https://github.com/uuidjs/uuid/actions?query=workflow%3ABrowser)\n\nFor the creation of [RFC4122](http://www.ietf.org/rfc/rfc4122.txt) UUIDs\n\n- **Complete** - Support for RFC4122 version 1, 3, 4, and 5 UUIDs\n- **Cross-platform** - Support for ...\n - CommonJS, [ECMAScript Modules](#ecmascript-modules) and [CDN builds](#cdn-builds)\n - Node 8, 10, 12, 14\n - Chrome, Safari, Firefox, Edge, IE 11 browsers\n - Webpack and rollup.js module bundlers\n - [React Native / Expo](#react-native--expo)\n- **Secure** - Cryptographically-strong random values\n- **Small** - Zero-dependency, small footprint, plays nice with \"tree shaking\" packagers\n- **CLI** - Includes the [`uuid` command line](#command-line) utility\n\n**Upgrading from `uuid@3.x`?** Your code is probably okay, but check out [Upgrading From `uuid@3.x`](#upgrading-from-uuid3x) for details.\n\n## Quickstart\n\nTo create a random UUID...\n\n**1. Install**\n\n```shell\nnpm install uuid\n```\n\n**2. Create a UUID** (ES6 module syntax)\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4(); // ⇨ '9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d'\n```\n\n... or using CommonJS syntax:\n\n```javascript\nconst { v4: uuidv4 } = require('uuid');\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nFor timestamp UUIDs, namespace UUIDs, and other options read on ...\n\n## API Summary\n\n| | | |\n| --- | --- | --- |\n| [`uuid.NIL`](#uuidnil) | The nil UUID string (all zeros) | New in `uuid@8.3` |\n| [`uuid.parse()`](#uuidparsestr) | Convert UUID string to array of bytes | New in `uuid@8.3` |\n| [`uuid.stringify()`](#uuidstringifyarr-offset) | Convert array of bytes to UUID string | New in `uuid@8.3` |\n| [`uuid.v1()`](#uuidv1options-buffer-offset) | Create a version 1 (timestamp) UUID | |\n| [`uuid.v3()`](#uuidv3name-namespace-buffer-offset) | Create a version 3 (namespace w/ MD5) UUID | |\n| [`uuid.v4()`](#uuidv4options-buffer-offset) | Create a version 4 (random) UUID | |\n| [`uuid.v5()`](#uuidv5name-namespace-buffer-offset) | Create a version 5 (namespace w/ SHA-1) UUID | |\n| [`uuid.validate()`](#uuidvalidatestr) | Test a string to see if it is a valid UUID | New in `uuid@8.3` |\n| [`uuid.version()`](#uuidversionstr) | Detect RFC version of a UUID | New in `uuid@8.3` |\n\n## API\n\n### uuid.NIL\n\nThe nil UUID string (all zeros).\n\nExample:\n\n```javascript\nimport { NIL as NIL_UUID } from 'uuid';\n\nNIL_UUID; // ⇨ '00000000-0000-0000-0000-000000000000'\n```\n\n### uuid.parse(str)\n\nConvert UUID string to array of bytes\n\n| | |\n| --------- | ---------------------------------------- |\n| `str` | A valid UUID `String` |\n| _returns_ | `Uint8Array[16]` |\n| _throws_ | `TypeError` if `str` is not a valid UUID |\n\nNote: Ordering of values in the byte arrays used by `parse()` and `stringify()` follows the left ↠ right order of hex-pairs in UUID strings. As shown in the example below.\n\nExample:\n\n```javascript\nimport { parse as uuidParse } from 'uuid';\n\n// Parse a UUID\nconst bytes = uuidParse('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b');\n\n// Convert to hex strings to show byte order (for documentation purposes)\n[...bytes].map((v) => v.toString(16).padStart(2, '0')); // ⇨ \n // [\n // '6e', 'c0', 'bd', '7f',\n // '11', 'c0', '43', 'da',\n // '97', '5e', '2a', '8a',\n // 'd9', 'eb', 'ae', '0b'\n // ]\n```\n\n### uuid.stringify(arr[, offset])\n\nConvert array of bytes to UUID string\n\n| | |\n| -------------- | ---------------------------------------------------------------------------- |\n| `arr` | `Array`-like collection of 16 values (starting from `offset`) between 0-255. |\n| [`offset` = 0] | `Number` Starting index in the Array |\n| _returns_ | `String` |\n| _throws_ | `TypeError` if a valid UUID string cannot be generated |\n\nNote: Ordering of values in the byte arrays used by `parse()` and `stringify()` follows the left ↠ right order of hex-pairs in UUID strings. As shown in the example below.\n\nExample:\n\n```javascript\nimport { stringify as uuidStringify } from 'uuid';\n\nconst uuidBytes = [\n 0x6e,\n 0xc0,\n 0xbd,\n 0x7f,\n 0x11,\n 0xc0,\n 0x43,\n 0xda,\n 0x97,\n 0x5e,\n 0x2a,\n 0x8a,\n 0xd9,\n 0xeb,\n 0xae,\n 0x0b,\n];\n\nuuidStringify(uuidBytes); // ⇨ '6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'\n```\n\n### uuid.v1([options[, buffer[, offset]]])\n\nCreate an RFC version 1 (timestamp) UUID\n\n| | |\n| --- | --- |\n| [`options`] | `Object` with one or more of the following properties: |\n| [`options.node` ] | RFC \"node\" field as an `Array[6]` of byte values (per 4.1.6) |\n| [`options.clockseq`] | RFC \"clock sequence\" as a `Number` between 0 - 0x3fff |\n| [`options.msecs`] | RFC \"timestamp\" field (`Number` of milliseconds, unix epoch) |\n| [`options.nsecs`] | RFC \"timestamp\" field (`Number` of nanseconds to add to `msecs`, should be 0-10,000) |\n| [`options.random`] | `Array` of 16 random bytes (0-255) |\n| [`options.rng`] | Alternative to `options.random`, a `Function` that returns an `Array` of 16 random bytes (0-255) |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n| _throws_ | `Error` if more than 10M UUIDs/sec are requested |\n\nNote: The default [node id](https://tools.ietf.org/html/rfc4122#section-4.1.6) (the last 12 digits in the UUID) is generated once, randomly, on process startup, and then remains unchanged for the duration of the process.\n\nNote: `options.random` and `options.rng` are only meaningful on the very first call to `v1()`, where they may be passed to initialize the internal `node` and `clockseq` fields.\n\nExample:\n\n```javascript\nimport { v1 as uuidv1 } from 'uuid';\n\nuuidv1(); // ⇨ '2c5ea4c0-4067-11e9-8bad-9b1deb4d3b7d'\n```\n\nExample using `options`:\n\n```javascript\nimport { v1 as uuidv1 } from 'uuid';\n\nconst v1options = {\n node: [0x01, 0x23, 0x45, 0x67, 0x89, 0xab],\n clockseq: 0x1234,\n msecs: new Date('2011-11-01').getTime(),\n nsecs: 5678,\n};\nuuidv1(v1options); // ⇨ '710b962e-041c-11e1-9234-0123456789ab'\n```\n\n### uuid.v3(name, namespace[, buffer[, offset]])\n\nCreate an RFC version 3 (namespace w/ MD5) UUID\n\nAPI is identical to `v5()`, but uses \"v3\" instead.\n\n⚠️ Note: Per the RFC, \"_If backward compatibility is not an issue, SHA-1 [Version 5] is preferred_.\"\n\n### uuid.v4([options[, buffer[, offset]]])\n\nCreate an RFC version 4 (random) UUID\n\n| | |\n| --- | --- |\n| [`options`] | `Object` with one or more of the following properties: |\n| [`options.random`] | `Array` of 16 random bytes (0-255) |\n| [`options.rng`] | Alternative to `options.random`, a `Function` that returns an `Array` of 16 random bytes (0-255) |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n\nExample:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\n\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nExample using predefined `random` values:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\n\nconst v4options = {\n random: [\n 0x10,\n 0x91,\n 0x56,\n 0xbe,\n 0xc4,\n 0xfb,\n 0xc1,\n 0xea,\n 0x71,\n 0xb4,\n 0xef,\n 0xe1,\n 0x67,\n 0x1c,\n 0x58,\n 0x36,\n ],\n};\nuuidv4(v4options); // ⇨ '109156be-c4fb-41ea-b1b4-efe1671c5836'\n```\n\n### uuid.v5(name, namespace[, buffer[, offset]])\n\nCreate an RFC version 5 (namespace w/ SHA-1) UUID\n\n| | |\n| --- | --- |\n| `name` | `String \\| Array` |\n| `namespace` | `String \\| Array[16]` Namespace UUID |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n\nNote: The RFC `DNS` and `URL` namespaces are available as `v5.DNS` and `v5.URL`.\n\nExample with custom namespace:\n\n```javascript\nimport { v5 as uuidv5 } from 'uuid';\n\n// Define a custom namespace. Readers, create your own using something like\n// https://www.uuidgenerator.net/\nconst MY_NAMESPACE = '1b671a64-40d5-491e-99b0-da01ff1f3341';\n\nuuidv5('Hello, World!', MY_NAMESPACE); // ⇨ '630eb68f-e0fa-5ecc-887a-7c7a62614681'\n```\n\nExample with RFC `URL` namespace:\n\n```javascript\nimport { v5 as uuidv5 } from 'uuid';\n\nuuidv5('https://www.w3.org/', uuidv5.URL); // ⇨ 'c106a26a-21bb-5538-8bf2-57095d1976c1'\n```\n\n### uuid.validate(str)\n\nTest a string to see if it is a valid UUID\n\n| | |\n| --------- | --------------------------------------------------- |\n| `str` | `String` to validate |\n| _returns_ | `true` if string is a valid UUID, `false` otherwise |\n\nExample:\n\n```javascript\nimport { validate as uuidValidate } from 'uuid';\n\nuuidValidate('not a UUID'); // ⇨ false\nuuidValidate('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'); // ⇨ true\n```\n\nUsing `validate` and `version` together it is possible to do per-version validation, e.g. validate for only v4 UUIds.\n\n```javascript\nimport { version as uuidVersion } from 'uuid';\nimport { validate as uuidValidate } from 'uuid';\n\nfunction uuidValidateV4(uuid) {\n return uuidValidate(uuid) && uuidVersion(uuid) === 4;\n}\n\nconst v1Uuid = 'd9428888-122b-11e1-b85c-61cd3cbb3210';\nconst v4Uuid = '109156be-c4fb-41ea-b1b4-efe1671c5836';\n\nuuidValidateV4(v4Uuid); // ⇨ true\nuuidValidateV4(v1Uuid); // ⇨ false\n```\n\n### uuid.version(str)\n\nDetect RFC version of a UUID\n\n| | |\n| --------- | ---------------------------------------- |\n| `str` | A valid UUID `String` |\n| _returns_ | `Number` The RFC version of the UUID |\n| _throws_ | `TypeError` if `str` is not a valid UUID |\n\nExample:\n\n```javascript\nimport { version as uuidVersion } from 'uuid';\n\nuuidVersion('45637ec4-c85f-11ea-87d0-0242ac130003'); // ⇨ 1\nuuidVersion('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'); // ⇨ 4\n```\n\n## Command Line\n\nUUIDs can be generated from the command line using `uuid`.\n\n```shell\n$ uuid\nddeb27fb-d9a0-4624-be4d-4615062daed4\n```\n\nThe default is to generate version 4 UUIDS, however the other versions are supported. Type `uuid --help` for details:\n\n```shell\n$ uuid --help\n\nUsage:\n uuid\n uuid v1\n uuid v3 \n uuid v4\n uuid v5 \n uuid --help\n\nNote: may be \"URL\" or \"DNS\" to use the corresponding UUIDs\ndefined by RFC4122\n```\n\n## ECMAScript Modules\n\nThis library comes with [ECMAScript Modules](https://www.ecma-international.org/ecma-262/6.0/#sec-modules) (ESM) support for Node.js versions that support it ([example](./examples/node-esmodules/)) as well as bundlers like [rollup.js](https://rollupjs.org/guide/en/#tree-shaking) ([example](./examples/browser-rollup/)) and [webpack](https://webpack.js.org/guides/tree-shaking/) ([example](./examples/browser-webpack/)) (targeting both, Node.js and browser environments).\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nTo run the examples you must first create a dist build of this library in the module root:\n\n```shell\nnpm run build\n```\n\n## CDN Builds\n\n### ECMAScript Modules\n\nTo load this module directly into modern browsers that [support loading ECMAScript Modules](https://caniuse.com/#feat=es6-module) you can make use of [jspm](https://jspm.org/):\n\n```html\n\n```\n\n### UMD\n\nTo load this module directly into older browsers you can use the [UMD (Universal Module Definition)](https://github.com/umdjs/umd) builds from any of the following CDNs:\n\n**Using [UNPKG](https://unpkg.com/uuid@latest/dist/umd/)**:\n\n```html\n\n```\n\n**Using [jsDelivr](https://cdn.jsdelivr.net/npm/uuid@latest/dist/umd/)**:\n\n```html\n\n```\n\n**Using [cdnjs](https://cdnjs.com/libraries/uuid)**:\n\n```html\n\n```\n\nThese CDNs all provide the same [`uuidv4()`](#uuidv4options-buffer-offset) method:\n\n```html\n\n```\n\nMethods for the other algorithms ([`uuidv1()`](#uuidv1options-buffer-offset), [`uuidv3()`](#uuidv3name-namespace-buffer-offset) and [`uuidv5()`](#uuidv5name-namespace-buffer-offset)) are available from the files `uuidv1.min.js`, `uuidv3.min.js` and `uuidv5.min.js` respectively.\n\n## \"getRandomValues() not supported\"\n\nThis error occurs in environments where the standard [`crypto.getRandomValues()`](https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues) API is not supported. This issue can be resolved by adding an appropriate polyfill:\n\n### React Native / Expo\n\n1. Install [`react-native-get-random-values`](https://github.com/LinusU/react-native-get-random-values#readme)\n1. Import it _before_ `uuid`. Since `uuid` might also appear as a transitive dependency of some other imports it's safest to just import `react-native-get-random-values` as the very first thing in your entry point:\n\n```javascript\nimport 'react-native-get-random-values';\nimport { v4 as uuidv4 } from 'uuid';\n```\n\nNote: If you are using Expo, you must be using at least `react-native-get-random-values@1.5.0` and `expo@39.0.0`.\n\n### Web Workers / Service Workers (Edge <= 18)\n\n[In Edge <= 18, Web Crypto is not supported in Web Workers or Service Workers](https://caniuse.com/#feat=cryptography) and we are not aware of a polyfill (let us know if you find one, please).\n\n## Upgrading From `uuid@7.x`\n\n### Only Named Exports Supported When Using with Node.js ESM\n\n`uuid@7.x` did not come with native ECMAScript Module (ESM) support for Node.js. Importing it in Node.js ESM consequently imported the CommonJS source with a default export. This library now comes with true Node.js ESM support and only provides named exports.\n\nInstead of doing:\n\n```javascript\nimport uuid from 'uuid';\nuuid.v4();\n```\n\nyou will now have to use the named exports:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4();\n```\n\n### Deep Requires No Longer Supported\n\nDeep requires like `require('uuid/v4')` [which have been deprecated in `uuid@7.x`](#deep-requires-now-deprecated) are no longer supported.\n\n## Upgrading From `uuid@3.x`\n\n\"_Wait... what happened to `uuid@4.x` - `uuid@6.x`?!?_\"\n\nIn order to avoid confusion with RFC [version 4](#uuidv4options-buffer-offset) and [version 5](#uuidv5name-namespace-buffer-offset) UUIDs, and a possible [version 6](http://gh.peabody.io/uuidv6/), releases 4 thru 6 of this module have been skipped.\n\n### Deep Requires Now Deprecated\n\n`uuid@3.x` encouraged the use of deep requires to minimize the bundle size of browser builds:\n\n```javascript\nconst uuidv4 = require('uuid/v4'); // <== NOW DEPRECATED!\nuuidv4();\n```\n\nAs of `uuid@7.x` this library now provides ECMAScript modules builds, which allow packagers like Webpack and Rollup to do \"tree-shaking\" to remove dead code. Instead, use the `import` syntax:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4();\n```\n\n... or for CommonJS:\n\n```javascript\nconst { v4: uuidv4 } = require('uuid');\nuuidv4();\n```\n\n### Default Export Removed\n\n`uuid@3.x` was exporting the Version 4 UUID method as a default export:\n\n```javascript\nconst uuid = require('uuid'); // <== REMOVED!\n```\n\nThis usage pattern was already discouraged in `uuid@3.x` and has been removed in `uuid@7.x`.\n\n----\nMarkdown generated from [README_js.md](README_js.md) by [![RunMD Logo](http://i.imgur.com/h0FVyzU.png)](https://github.com/broofa/runmd)", + "readmeFilename": "README.md", + "_args": [ + [ + "uuid@8.3.2", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project" + ] + ], + "dependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\uuid", + "error": "[Circular]", + "extraneous": false + }, + "uuidv4": { + "_from": "uuidv4@^6.2.13", + "_id": "uuidv4@6.2.13", + "_integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "_location": "/uuidv4", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "uuidv4@6.2.13", + "name": "uuidv4", + "escapedName": "uuidv4", + "rawSpec": "6.2.13", + "saveSpec": "[Circular]", + "fetchSpec": "6.2.13" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "_shasum": "8f95ec5ef22d1f92c8e5d4c70b735d1c89572cb7", + "_spec": "6.2.13", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project", + "bugs": { + "url": "https://github.com/thenativeweb/uuidv4/issues" + }, + "contributors": [ + { + "name": "Golo Roden", + "email": "golo.roden@thenativeweb.io" + }, + { + "name": "Matthias Wagler", + "email": "matthias.wagler@thenativeweb.io" + }, + { + "name": "Jan-Hendrik Grundhöfer", + "email": "jan-hendrik.grundhoefer@thenativeweb.io" + }, + { + "name": "Sven Eppler", + "email": "sven.eppler@sodgeit.de" + }, + { + "name": "Hannes Leutloff", + "email": "hannes.leutloff@thenativeweb.io" + } + ], + "dependencies": { + "@types/uuid": { + "_from": "@types/uuid@8.3.4", + "_id": "@types/uuid@8.3.4", + "_integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "_location": "/@types/uuid", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "@types/uuid@8.3.4", + "name": "@types/uuid", + "escapedName": "@types%2fuuid", + "scope": "@types", + "rawSpec": "8.3.4", + "saveSpec": "[Circular]", + "fetchSpec": "8.3.4" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "_shasum": "bd86a43617df0594787d38b735f55c805becf1bc", + "_spec": "8.3.4", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project", + "bugs": "[Circular]", + "contributors": "[Circular]", + "dependencies": {}, + "deprecated": false, + "description": "TypeScript definitions for uuid", + "exports": "[Circular]", + "homepage": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid", + "license": "MIT", + "main": "", + "name": "@types/uuid", + "repository": "[Circular]", + "scripts": "[Circular]", + "typeScriptVersion": "3.8", + "types": "index.d.ts", + "typesPublisherContentHash": "7bd9cd358e9e4357393eb0163c44f44dc265ab936b456743af6ed3d0d0ac644f", + "version": "8.3.4", + "readme": "# Installation\r\n> `npm install --save @types/uuid`\r\n\r\n# Summary\r\nThis package contains type definitions for uuid (https://github.com/uuidjs/uuid).\r\n\r\n# Details\r\nFiles were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid.\r\n\r\n### Additional Details\r\n * Last updated: Thu, 06 Jan 2022 07:31:27 GMT\r\n * Dependencies: none\r\n * Global values: none\r\n\r\n# Credits\r\nThese definitions were written by [Oliver Hoffmann](https://github.com/iamolivinius), [Felipe Ochoa](https://github.com/felipeochoa), [Chris Barth](https://github.com/cjbarth), [Linus Unnebäck](https://github.com/LinusU), and [Christoph Tavan](https://github.com/ctavan).\r\n", + "readmeFilename": "README.md", + "_args": "[Circular]", + "devDependencies": "[Circular]", + "optionalDependencies": "[Circular]", + "_dependencies": "[Circular]", + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\@types\\uuid", + "error": "[Circular]", + "extraneous": false, + "_deduped": "node_modules\\@types\\uuid" + }, + "uuid": { + "_from": "uuid@8.3.2", + "_id": "uuid@8.3.2", + "_integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "_location": "/uuid", + "_phantomChildren": "[Circular]", + "_requested": { + "type": "version", + "registry": true, + "raw": "uuid@8.3.2", + "name": "uuid", + "escapedName": "uuid", + "rawSpec": "8.3.2", + "saveSpec": "[Circular]", + "fetchSpec": "8.3.2" + }, + "_requiredBy": "[Circular]", + "_resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "_shasum": "80d5b5ced271bb9af6c445f21a1a04c606cefbe2", + "_spec": "8.3.2", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project", + "bin": "[Circular]", + "browser": "[Circular]", + "bugs": "[Circular]", + "commitlint": "[Circular]", + "deprecated": false, + "description": "RFC4122 (v1, v4, and v5) UUIDs", + "devDependencies": "[Circular]", + "exports": "[Circular]", + "files": "[Circular]", + "homepage": "https://github.com/uuidjs/uuid#readme", + "husky": "[Circular]", + "keywords": "[Circular]", + "license": "MIT", + "lint-staged": "[Circular]", + "main": "./dist/index.js", + "module": "./dist/esm-node/index.js", + "name": "uuid", + "optionalDevDependencies": "[Circular]", + "repository": "[Circular]", + "scripts": "[Circular]", + "sideEffects": false, + "standard-version": "[Circular]", + "version": "8.3.2", + "readme": "\n\n# uuid [![CI](https://github.com/uuidjs/uuid/workflows/CI/badge.svg)](https://github.com/uuidjs/uuid/actions?query=workflow%3ACI) [![Browser](https://github.com/uuidjs/uuid/workflows/Browser/badge.svg)](https://github.com/uuidjs/uuid/actions?query=workflow%3ABrowser)\n\nFor the creation of [RFC4122](http://www.ietf.org/rfc/rfc4122.txt) UUIDs\n\n- **Complete** - Support for RFC4122 version 1, 3, 4, and 5 UUIDs\n- **Cross-platform** - Support for ...\n - CommonJS, [ECMAScript Modules](#ecmascript-modules) and [CDN builds](#cdn-builds)\n - Node 8, 10, 12, 14\n - Chrome, Safari, Firefox, Edge, IE 11 browsers\n - Webpack and rollup.js module bundlers\n - [React Native / Expo](#react-native--expo)\n- **Secure** - Cryptographically-strong random values\n- **Small** - Zero-dependency, small footprint, plays nice with \"tree shaking\" packagers\n- **CLI** - Includes the [`uuid` command line](#command-line) utility\n\n**Upgrading from `uuid@3.x`?** Your code is probably okay, but check out [Upgrading From `uuid@3.x`](#upgrading-from-uuid3x) for details.\n\n## Quickstart\n\nTo create a random UUID...\n\n**1. Install**\n\n```shell\nnpm install uuid\n```\n\n**2. Create a UUID** (ES6 module syntax)\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4(); // ⇨ '9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d'\n```\n\n... or using CommonJS syntax:\n\n```javascript\nconst { v4: uuidv4 } = require('uuid');\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nFor timestamp UUIDs, namespace UUIDs, and other options read on ...\n\n## API Summary\n\n| | | |\n| --- | --- | --- |\n| [`uuid.NIL`](#uuidnil) | The nil UUID string (all zeros) | New in `uuid@8.3` |\n| [`uuid.parse()`](#uuidparsestr) | Convert UUID string to array of bytes | New in `uuid@8.3` |\n| [`uuid.stringify()`](#uuidstringifyarr-offset) | Convert array of bytes to UUID string | New in `uuid@8.3` |\n| [`uuid.v1()`](#uuidv1options-buffer-offset) | Create a version 1 (timestamp) UUID | |\n| [`uuid.v3()`](#uuidv3name-namespace-buffer-offset) | Create a version 3 (namespace w/ MD5) UUID | |\n| [`uuid.v4()`](#uuidv4options-buffer-offset) | Create a version 4 (random) UUID | |\n| [`uuid.v5()`](#uuidv5name-namespace-buffer-offset) | Create a version 5 (namespace w/ SHA-1) UUID | |\n| [`uuid.validate()`](#uuidvalidatestr) | Test a string to see if it is a valid UUID | New in `uuid@8.3` |\n| [`uuid.version()`](#uuidversionstr) | Detect RFC version of a UUID | New in `uuid@8.3` |\n\n## API\n\n### uuid.NIL\n\nThe nil UUID string (all zeros).\n\nExample:\n\n```javascript\nimport { NIL as NIL_UUID } from 'uuid';\n\nNIL_UUID; // ⇨ '00000000-0000-0000-0000-000000000000'\n```\n\n### uuid.parse(str)\n\nConvert UUID string to array of bytes\n\n| | |\n| --------- | ---------------------------------------- |\n| `str` | A valid UUID `String` |\n| _returns_ | `Uint8Array[16]` |\n| _throws_ | `TypeError` if `str` is not a valid UUID |\n\nNote: Ordering of values in the byte arrays used by `parse()` and `stringify()` follows the left ↠ right order of hex-pairs in UUID strings. As shown in the example below.\n\nExample:\n\n```javascript\nimport { parse as uuidParse } from 'uuid';\n\n// Parse a UUID\nconst bytes = uuidParse('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b');\n\n// Convert to hex strings to show byte order (for documentation purposes)\n[...bytes].map((v) => v.toString(16).padStart(2, '0')); // ⇨ \n // [\n // '6e', 'c0', 'bd', '7f',\n // '11', 'c0', '43', 'da',\n // '97', '5e', '2a', '8a',\n // 'd9', 'eb', 'ae', '0b'\n // ]\n```\n\n### uuid.stringify(arr[, offset])\n\nConvert array of bytes to UUID string\n\n| | |\n| -------------- | ---------------------------------------------------------------------------- |\n| `arr` | `Array`-like collection of 16 values (starting from `offset`) between 0-255. |\n| [`offset` = 0] | `Number` Starting index in the Array |\n| _returns_ | `String` |\n| _throws_ | `TypeError` if a valid UUID string cannot be generated |\n\nNote: Ordering of values in the byte arrays used by `parse()` and `stringify()` follows the left ↠ right order of hex-pairs in UUID strings. As shown in the example below.\n\nExample:\n\n```javascript\nimport { stringify as uuidStringify } from 'uuid';\n\nconst uuidBytes = [\n 0x6e,\n 0xc0,\n 0xbd,\n 0x7f,\n 0x11,\n 0xc0,\n 0x43,\n 0xda,\n 0x97,\n 0x5e,\n 0x2a,\n 0x8a,\n 0xd9,\n 0xeb,\n 0xae,\n 0x0b,\n];\n\nuuidStringify(uuidBytes); // ⇨ '6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'\n```\n\n### uuid.v1([options[, buffer[, offset]]])\n\nCreate an RFC version 1 (timestamp) UUID\n\n| | |\n| --- | --- |\n| [`options`] | `Object` with one or more of the following properties: |\n| [`options.node` ] | RFC \"node\" field as an `Array[6]` of byte values (per 4.1.6) |\n| [`options.clockseq`] | RFC \"clock sequence\" as a `Number` between 0 - 0x3fff |\n| [`options.msecs`] | RFC \"timestamp\" field (`Number` of milliseconds, unix epoch) |\n| [`options.nsecs`] | RFC \"timestamp\" field (`Number` of nanseconds to add to `msecs`, should be 0-10,000) |\n| [`options.random`] | `Array` of 16 random bytes (0-255) |\n| [`options.rng`] | Alternative to `options.random`, a `Function` that returns an `Array` of 16 random bytes (0-255) |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n| _throws_ | `Error` if more than 10M UUIDs/sec are requested |\n\nNote: The default [node id](https://tools.ietf.org/html/rfc4122#section-4.1.6) (the last 12 digits in the UUID) is generated once, randomly, on process startup, and then remains unchanged for the duration of the process.\n\nNote: `options.random` and `options.rng` are only meaningful on the very first call to `v1()`, where they may be passed to initialize the internal `node` and `clockseq` fields.\n\nExample:\n\n```javascript\nimport { v1 as uuidv1 } from 'uuid';\n\nuuidv1(); // ⇨ '2c5ea4c0-4067-11e9-8bad-9b1deb4d3b7d'\n```\n\nExample using `options`:\n\n```javascript\nimport { v1 as uuidv1 } from 'uuid';\n\nconst v1options = {\n node: [0x01, 0x23, 0x45, 0x67, 0x89, 0xab],\n clockseq: 0x1234,\n msecs: new Date('2011-11-01').getTime(),\n nsecs: 5678,\n};\nuuidv1(v1options); // ⇨ '710b962e-041c-11e1-9234-0123456789ab'\n```\n\n### uuid.v3(name, namespace[, buffer[, offset]])\n\nCreate an RFC version 3 (namespace w/ MD5) UUID\n\nAPI is identical to `v5()`, but uses \"v3\" instead.\n\n⚠️ Note: Per the RFC, \"_If backward compatibility is not an issue, SHA-1 [Version 5] is preferred_.\"\n\n### uuid.v4([options[, buffer[, offset]]])\n\nCreate an RFC version 4 (random) UUID\n\n| | |\n| --- | --- |\n| [`options`] | `Object` with one or more of the following properties: |\n| [`options.random`] | `Array` of 16 random bytes (0-255) |\n| [`options.rng`] | Alternative to `options.random`, a `Function` that returns an `Array` of 16 random bytes (0-255) |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n\nExample:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\n\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nExample using predefined `random` values:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\n\nconst v4options = {\n random: [\n 0x10,\n 0x91,\n 0x56,\n 0xbe,\n 0xc4,\n 0xfb,\n 0xc1,\n 0xea,\n 0x71,\n 0xb4,\n 0xef,\n 0xe1,\n 0x67,\n 0x1c,\n 0x58,\n 0x36,\n ],\n};\nuuidv4(v4options); // ⇨ '109156be-c4fb-41ea-b1b4-efe1671c5836'\n```\n\n### uuid.v5(name, namespace[, buffer[, offset]])\n\nCreate an RFC version 5 (namespace w/ SHA-1) UUID\n\n| | |\n| --- | --- |\n| `name` | `String \\| Array` |\n| `namespace` | `String \\| Array[16]` Namespace UUID |\n| [`buffer`] | `Array \\| Buffer` If specified, uuid will be written here in byte-form, starting at `offset` |\n| [`offset` = 0] | `Number` Index to start writing UUID bytes in `buffer` |\n| _returns_ | UUID `String` if no `buffer` is specified, otherwise returns `buffer` |\n\nNote: The RFC `DNS` and `URL` namespaces are available as `v5.DNS` and `v5.URL`.\n\nExample with custom namespace:\n\n```javascript\nimport { v5 as uuidv5 } from 'uuid';\n\n// Define a custom namespace. Readers, create your own using something like\n// https://www.uuidgenerator.net/\nconst MY_NAMESPACE = '1b671a64-40d5-491e-99b0-da01ff1f3341';\n\nuuidv5('Hello, World!', MY_NAMESPACE); // ⇨ '630eb68f-e0fa-5ecc-887a-7c7a62614681'\n```\n\nExample with RFC `URL` namespace:\n\n```javascript\nimport { v5 as uuidv5 } from 'uuid';\n\nuuidv5('https://www.w3.org/', uuidv5.URL); // ⇨ 'c106a26a-21bb-5538-8bf2-57095d1976c1'\n```\n\n### uuid.validate(str)\n\nTest a string to see if it is a valid UUID\n\n| | |\n| --------- | --------------------------------------------------- |\n| `str` | `String` to validate |\n| _returns_ | `true` if string is a valid UUID, `false` otherwise |\n\nExample:\n\n```javascript\nimport { validate as uuidValidate } from 'uuid';\n\nuuidValidate('not a UUID'); // ⇨ false\nuuidValidate('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'); // ⇨ true\n```\n\nUsing `validate` and `version` together it is possible to do per-version validation, e.g. validate for only v4 UUIds.\n\n```javascript\nimport { version as uuidVersion } from 'uuid';\nimport { validate as uuidValidate } from 'uuid';\n\nfunction uuidValidateV4(uuid) {\n return uuidValidate(uuid) && uuidVersion(uuid) === 4;\n}\n\nconst v1Uuid = 'd9428888-122b-11e1-b85c-61cd3cbb3210';\nconst v4Uuid = '109156be-c4fb-41ea-b1b4-efe1671c5836';\n\nuuidValidateV4(v4Uuid); // ⇨ true\nuuidValidateV4(v1Uuid); // ⇨ false\n```\n\n### uuid.version(str)\n\nDetect RFC version of a UUID\n\n| | |\n| --------- | ---------------------------------------- |\n| `str` | A valid UUID `String` |\n| _returns_ | `Number` The RFC version of the UUID |\n| _throws_ | `TypeError` if `str` is not a valid UUID |\n\nExample:\n\n```javascript\nimport { version as uuidVersion } from 'uuid';\n\nuuidVersion('45637ec4-c85f-11ea-87d0-0242ac130003'); // ⇨ 1\nuuidVersion('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'); // ⇨ 4\n```\n\n## Command Line\n\nUUIDs can be generated from the command line using `uuid`.\n\n```shell\n$ uuid\nddeb27fb-d9a0-4624-be4d-4615062daed4\n```\n\nThe default is to generate version 4 UUIDS, however the other versions are supported. Type `uuid --help` for details:\n\n```shell\n$ uuid --help\n\nUsage:\n uuid\n uuid v1\n uuid v3 \n uuid v4\n uuid v5 \n uuid --help\n\nNote: may be \"URL\" or \"DNS\" to use the corresponding UUIDs\ndefined by RFC4122\n```\n\n## ECMAScript Modules\n\nThis library comes with [ECMAScript Modules](https://www.ecma-international.org/ecma-262/6.0/#sec-modules) (ESM) support for Node.js versions that support it ([example](./examples/node-esmodules/)) as well as bundlers like [rollup.js](https://rollupjs.org/guide/en/#tree-shaking) ([example](./examples/browser-rollup/)) and [webpack](https://webpack.js.org/guides/tree-shaking/) ([example](./examples/browser-webpack/)) (targeting both, Node.js and browser environments).\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'\n```\n\nTo run the examples you must first create a dist build of this library in the module root:\n\n```shell\nnpm run build\n```\n\n## CDN Builds\n\n### ECMAScript Modules\n\nTo load this module directly into modern browsers that [support loading ECMAScript Modules](https://caniuse.com/#feat=es6-module) you can make use of [jspm](https://jspm.org/):\n\n```html\n\n```\n\n### UMD\n\nTo load this module directly into older browsers you can use the [UMD (Universal Module Definition)](https://github.com/umdjs/umd) builds from any of the following CDNs:\n\n**Using [UNPKG](https://unpkg.com/uuid@latest/dist/umd/)**:\n\n```html\n\n```\n\n**Using [jsDelivr](https://cdn.jsdelivr.net/npm/uuid@latest/dist/umd/)**:\n\n```html\n\n```\n\n**Using [cdnjs](https://cdnjs.com/libraries/uuid)**:\n\n```html\n\n```\n\nThese CDNs all provide the same [`uuidv4()`](#uuidv4options-buffer-offset) method:\n\n```html\n\n```\n\nMethods for the other algorithms ([`uuidv1()`](#uuidv1options-buffer-offset), [`uuidv3()`](#uuidv3name-namespace-buffer-offset) and [`uuidv5()`](#uuidv5name-namespace-buffer-offset)) are available from the files `uuidv1.min.js`, `uuidv3.min.js` and `uuidv5.min.js` respectively.\n\n## \"getRandomValues() not supported\"\n\nThis error occurs in environments where the standard [`crypto.getRandomValues()`](https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues) API is not supported. This issue can be resolved by adding an appropriate polyfill:\n\n### React Native / Expo\n\n1. Install [`react-native-get-random-values`](https://github.com/LinusU/react-native-get-random-values#readme)\n1. Import it _before_ `uuid`. Since `uuid` might also appear as a transitive dependency of some other imports it's safest to just import `react-native-get-random-values` as the very first thing in your entry point:\n\n```javascript\nimport 'react-native-get-random-values';\nimport { v4 as uuidv4 } from 'uuid';\n```\n\nNote: If you are using Expo, you must be using at least `react-native-get-random-values@1.5.0` and `expo@39.0.0`.\n\n### Web Workers / Service Workers (Edge <= 18)\n\n[In Edge <= 18, Web Crypto is not supported in Web Workers or Service Workers](https://caniuse.com/#feat=cryptography) and we are not aware of a polyfill (let us know if you find one, please).\n\n## Upgrading From `uuid@7.x`\n\n### Only Named Exports Supported When Using with Node.js ESM\n\n`uuid@7.x` did not come with native ECMAScript Module (ESM) support for Node.js. Importing it in Node.js ESM consequently imported the CommonJS source with a default export. This library now comes with true Node.js ESM support and only provides named exports.\n\nInstead of doing:\n\n```javascript\nimport uuid from 'uuid';\nuuid.v4();\n```\n\nyou will now have to use the named exports:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4();\n```\n\n### Deep Requires No Longer Supported\n\nDeep requires like `require('uuid/v4')` [which have been deprecated in `uuid@7.x`](#deep-requires-now-deprecated) are no longer supported.\n\n## Upgrading From `uuid@3.x`\n\n\"_Wait... what happened to `uuid@4.x` - `uuid@6.x`?!?_\"\n\nIn order to avoid confusion with RFC [version 4](#uuidv4options-buffer-offset) and [version 5](#uuidv5name-namespace-buffer-offset) UUIDs, and a possible [version 6](http://gh.peabody.io/uuidv6/), releases 4 thru 6 of this module have been skipped.\n\n### Deep Requires Now Deprecated\n\n`uuid@3.x` encouraged the use of deep requires to minimize the bundle size of browser builds:\n\n```javascript\nconst uuidv4 = require('uuid/v4'); // <== NOW DEPRECATED!\nuuidv4();\n```\n\nAs of `uuid@7.x` this library now provides ECMAScript modules builds, which allow packagers like Webpack and Rollup to do \"tree-shaking\" to remove dead code. Instead, use the `import` syntax:\n\n```javascript\nimport { v4 as uuidv4 } from 'uuid';\nuuidv4();\n```\n\n... or for CommonJS:\n\n```javascript\nconst { v4: uuidv4 } = require('uuid');\nuuidv4();\n```\n\n### Default Export Removed\n\n`uuid@3.x` was exporting the Version 4 UUID method as a default export:\n\n```javascript\nconst uuid = require('uuid'); // <== REMOVED!\n```\n\nThis usage pattern was already discouraged in `uuid@3.x` and has been removed in `uuid@7.x`.\n\n----\nMarkdown generated from [README_js.md](README_js.md) by [![RunMD Logo](http://i.imgur.com/h0FVyzU.png)](https://github.com/broofa/runmd)", + "readmeFilename": "README.md", + "_args": "[Circular]", + "dependencies": {}, + "optionalDependencies": "[Circular]", + "_dependencies": "[Circular]", + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\uuid", + "error": "[Circular]", + "extraneous": false, + "_deduped": "node_modules\\uuid" + } + }, + "deprecated": false, + "description": "uuidv4 creates v4 UUIDs.", + "devDependencies": { + "assertthat": "6.4.0", + "roboter": "12.7.1", + "semantic-release-configuration": "2.0.7" + }, + "homepage": "https://github.com/thenativeweb/uuidv4#readme", + "keywords": [ + "guid", + "uuid" + ], + "license": "MIT", + "main": "build/lib/uuidv4.js", + "name": "uuidv4", + "private": false, + "repository": { + "type": "git", + "url": "git://github.com/thenativeweb/uuidv4.git" + }, + "scripts": {}, + "types": "build/lib/uuidv4.d.ts", + "version": "6.2.13", + "readme": "# uuidv4\n\nuuidv4 creates v4 UUIDs.\n\n## Status\n\n| Category | Status |\n| ---------------- | --------------------------------------------------------------------------------------------------- |\n| Version | [![npm](https://img.shields.io/npm/v/uuidv4)](https://www.npmjs.com/package/uuidv4) |\n| Dependencies | ![David](https://img.shields.io/david/thenativeweb/uuidv4) |\n| Dev dependencies | ![David](https://img.shields.io/david/dev/thenativeweb/uuidv4) |\n| Build | ![GitHub Actions](https://github.com/thenativeweb/uuidv4/workflows/Release/badge.svg?branch=main) |\n| License | ![GitHub](https://img.shields.io/github/license/thenativeweb/uuidv4) |\n\n## Please note\n\nThis module will be deprecated in the future in favour of module [uuid](https://www.npmjs.com/package/uuid). Most of the functionality of this module is already included in `uuid` since version `8.3.0`, so most of the functions of this module have already been marked as deprecated.\n\n## Installation\n\n```shell\n$ npm install uuidv4\n```\n\n## Quick start\n\nFirst you need to integrate uuidv4 into your project by using the `require` function:\n\n```javascript\nconst { uuid } = require('uuidv4');\n```\n\nIf you use TypeScript, use the following code instead:\n\n```typescript\nimport { uuid } from 'uuidv4';\n```\n\nThen you can create UUIDs. To do so simply call the `uuid` function:\n\n```javascript\nconsole.log(uuid());\n// => '11bf5b37-e0b8-42e0-8dcf-dc8c4aefc000'\n```\n\n### Verifying a UUID\n\nTo verify whether a given value is a UUID, use the `isUuid` function:\n\n```javascript\nimport { isUuid } from 'uuidv4';\n\nconsole.log(isUuid('75442486-0878-440c-9db1-a7006c25a39f'));\n// => true\n```\n\n_Please note that the `isUuid` function returns `true` for both, `v4` and `v5` UUIDs. In addition, `isUuid` returns `true` for `empty()`._\n\n#### Using a regular expression\n\nIf you want to perform the verification on your own using a regular expression, use the `regex` property, and access its `v4` or `v5` property, depending on what you need:\n\n```javascript\nimport { regex } from 'uuidv4';\n\nconsole.log(regex.v4);\nconsole.log(regex.v5);\n```\n\n_Please note that the regular expressions also consider `empty()` to be a valid UUID._\n\n#### Using a JSON schema\n\nIf you want to perform the verification on your own using a JSON schema, use the `jsonSchema` property, and access its `v4` or `v5` property, depending on what you need:\n\n```javascript\nimport { jsonSchema } from 'uuidv4';\n\nconsole.log(jsonSchema.v4);\nconsole.log(jsonSchema.v5);\n```\n\n_Please note that the JSON schemas also consider `empty()` to be a valid UUID._\n\n### Getting a UUID from a string\n\nFrom time to time you need an identifier that looks like a UUID, but is actually inferred from a string. For that, use the `fromString` function, which returns a UUID `v5`:\n\n```javascript\nimport { fromString } from 'uuidv4';\n\nconsole.log(fromString('the native web'));\n// => 'cdb63720-9628-5ef6-bbca-2e5ce6094f3c'\n```\n\nBy default, the `fromString` function uses a pre-configured namespace. If you want to use your own namespace, provide a UUID as second parameter:\n\n```javascript\nimport { fromString } from 'uuidv4';\n\nconsole.log(fromString('the native web', '004aadf4-8e1a-4450-905b-6039179f52da'));\n// => 'b1c4a89e-4905-5e3c-b57f-dc92627d011e'\n```\n\n### Getting the empty UUID\n\nIf you need a UUID that consists only of zeros, use the `empty` function:\n\n```javascript\nimport { empty } from 'uuidv4';\n\nconsole.log(empty());\n// => '00000000-0000-0000-0000-000000000000'\n```\n\n## Running quality assurance\n\nTo run quality assurance for this module use [roboter](https://www.npmjs.com/package/roboter):\n\n```shell\n$ npx roboter\n```\n", + "readmeFilename": "README.md", + "_optional": true, + "_args": [ + [ + "uuidv4@6.2.13", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project" + ] + ], + "optionalDependencies": {}, + "_dependencies": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\uuidv4", + "error": "[Circular]", + "extraneous": false + } + }, + "_id": "demo-dev-dependencies@0.0.0", + "_shrinkwrap": { + "name": "demo-dev-dependencies", + "version": "0.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "@types/node": { + "version": "20.12.8", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "dev": true, + "requires": { + "undici-types": "~5.26.4" + } + }, + "@types/uuid": { + "version": "8.3.4", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==" + }, + "undici-types": { + "version": "5.26.5", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "dev": true + }, + "uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==" + }, + "uuidv4": { + "version": "6.2.13", + "resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "optional": true, + "requires": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + } + } + } + }, + "_dependencies": { + "uuidv4": "^6.2.13" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project", + "error": "[Circular]", + "extraneous": false +} diff --git a/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm7_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm7_node22_macos-latest.json new file mode 100644 index 00000000..eb90c4b8 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm7_node22_macos-latest.json @@ -0,0 +1,130 @@ +{ + "version": "0.0.0", + "name": "demo-dev-dependencies", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "private": true, + "license": "Apache-2.0", + "optionalDependencies": { + "uuidv4": "^6.2.13" + }, + "devDependencies": { + "@types/node": ">=16", + "@types/uuid": "^8", + "uuid": "^8" + }, + "_id": "demo-dev-dependencies@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "_dependencies": { + "uuidv4": "^6.2.13" + }, + "peerDependencies": {}, + "dependencies": { + "@types/node": { + "version": "20.12.8", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "name": "@types/node", + "integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "dev": true, + "_id": "@types/node@20.12.8", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/node", + "_dependencies": { + "undici-types": "~5.26.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "undici-types": { + "version": "5.26.5", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "name": "undici-types", + "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "dev": true, + "_id": "undici-types@5.26.5", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/undici-types", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "@types/uuid": { + "version": "8.3.4", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "name": "@types/uuid", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "name": "uuid", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuidv4": { + "version": "6.2.13", + "resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "name": "uuidv4", + "integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "optional": true, + "_id": "uuidv4@6.2.13", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuidv4", + "_dependencies": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "@types/uuid": { + "version": "8.3.4", + "name": "@types/uuid", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "name": "uuid", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm7_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm7_node22_ubuntu-latest.json new file mode 100644 index 00000000..e4cc779d --- /dev/null +++ b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm7_node22_ubuntu-latest.json @@ -0,0 +1,130 @@ +{ + "version": "0.0.0", + "name": "demo-dev-dependencies", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "private": true, + "license": "Apache-2.0", + "optionalDependencies": { + "uuidv4": "^6.2.13" + }, + "devDependencies": { + "@types/node": ">=16", + "@types/uuid": "^8", + "uuid": "^8" + }, + "_id": "demo-dev-dependencies@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "_dependencies": { + "uuidv4": "^6.2.13" + }, + "peerDependencies": {}, + "dependencies": { + "@types/node": { + "version": "20.12.8", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "name": "@types/node", + "integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "dev": true, + "_id": "@types/node@20.12.8", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/node", + "_dependencies": { + "undici-types": "~5.26.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "undici-types": { + "version": "5.26.5", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "name": "undici-types", + "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "dev": true, + "_id": "undici-types@5.26.5", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/undici-types", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "@types/uuid": { + "version": "8.3.4", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "name": "@types/uuid", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "name": "uuid", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuidv4": { + "version": "6.2.13", + "resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "name": "uuidv4", + "integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "optional": true, + "_id": "uuidv4@6.2.13", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuidv4", + "_dependencies": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "@types/uuid": { + "version": "8.3.4", + "name": "@types/uuid", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "name": "uuid", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm7_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm7_node22_windows-latest.json new file mode 100644 index 00000000..7b3fcc1a --- /dev/null +++ b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm7_node22_windows-latest.json @@ -0,0 +1,130 @@ +{ + "version": "0.0.0", + "name": "demo-dev-dependencies", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "private": true, + "license": "Apache-2.0", + "optionalDependencies": { + "uuidv4": "^6.2.13" + }, + "devDependencies": { + "@types/node": ">=16", + "@types/uuid": "^8", + "uuid": "^8" + }, + "_id": "demo-dev-dependencies@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project", + "_dependencies": { + "uuidv4": "^6.2.13" + }, + "peerDependencies": {}, + "dependencies": { + "@types/node": { + "version": "20.12.8", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "name": "@types/node", + "integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "dev": true, + "_id": "@types/node@20.12.8", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\@types\\node", + "_dependencies": { + "undici-types": "~5.26.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "undici-types": { + "version": "5.26.5", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "name": "undici-types", + "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "dev": true, + "_id": "undici-types@5.26.5", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\undici-types", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "@types/uuid": { + "version": "8.3.4", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "name": "@types/uuid", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\@types\\uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "name": "uuid", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuidv4": { + "version": "6.2.13", + "resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "name": "uuidv4", + "integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "optional": true, + "_id": "uuidv4@6.2.13", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\uuidv4", + "_dependencies": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "@types/uuid": { + "version": "8.3.4", + "name": "@types/uuid", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\@types\\uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "name": "uuid", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm8_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm8_node22_macos-latest.json new file mode 100644 index 00000000..bfa2ff31 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm8_node22_macos-latest.json @@ -0,0 +1,135 @@ +{ + "version": "0.0.0", + "name": "demo-dev-dependencies", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "private": true, + "license": "Apache-2.0", + "optionalDependencies": { + "uuidv4": "^6.2.13" + }, + "devDependencies": { + "@types/node": ">=16", + "@types/uuid": "^8", + "uuid": "^8" + }, + "_id": "demo-dev-dependencies@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "_dependencies": { + "uuidv4": "^6.2.13" + }, + "peerDependencies": {}, + "dependencies": { + "@types/node": { + "version": "20.12.8", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "overridden": false, + "name": "@types/node", + "integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "dev": true, + "_id": "@types/node@20.12.8", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/node", + "_dependencies": { + "undici-types": "~5.26.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "undici-types": { + "version": "5.26.5", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "overridden": false, + "name": "undici-types", + "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "dev": true, + "_id": "undici-types@5.26.5", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/undici-types", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "@types/uuid": { + "version": "8.3.4", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "overridden": false, + "name": "@types/uuid", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "overridden": false, + "name": "uuid", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuidv4": { + "version": "6.2.13", + "resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "overridden": false, + "name": "uuidv4", + "integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "optional": true, + "_id": "uuidv4@6.2.13", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuidv4", + "_dependencies": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "@types/uuid": { + "version": "8.3.4", + "name": "@types/uuid", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "name": "uuid", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm8_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm8_node22_ubuntu-latest.json new file mode 100644 index 00000000..a85a2677 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm8_node22_ubuntu-latest.json @@ -0,0 +1,135 @@ +{ + "version": "0.0.0", + "name": "demo-dev-dependencies", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "private": true, + "license": "Apache-2.0", + "optionalDependencies": { + "uuidv4": "^6.2.13" + }, + "devDependencies": { + "@types/node": ">=16", + "@types/uuid": "^8", + "uuid": "^8" + }, + "_id": "demo-dev-dependencies@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "_dependencies": { + "uuidv4": "^6.2.13" + }, + "peerDependencies": {}, + "dependencies": { + "@types/node": { + "version": "20.12.8", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "overridden": false, + "name": "@types/node", + "integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "dev": true, + "_id": "@types/node@20.12.8", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/node", + "_dependencies": { + "undici-types": "~5.26.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "undici-types": { + "version": "5.26.5", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "overridden": false, + "name": "undici-types", + "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "dev": true, + "_id": "undici-types@5.26.5", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/undici-types", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "@types/uuid": { + "version": "8.3.4", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "overridden": false, + "name": "@types/uuid", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "overridden": false, + "name": "uuid", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuidv4": { + "version": "6.2.13", + "resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "overridden": false, + "name": "uuidv4", + "integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "optional": true, + "_id": "uuidv4@6.2.13", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuidv4", + "_dependencies": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "@types/uuid": { + "version": "8.3.4", + "name": "@types/uuid", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "name": "uuid", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm8_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm8_node22_windows-latest.json new file mode 100644 index 00000000..e1755a3e --- /dev/null +++ b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm8_node22_windows-latest.json @@ -0,0 +1,135 @@ +{ + "version": "0.0.0", + "name": "demo-dev-dependencies", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "private": true, + "license": "Apache-2.0", + "optionalDependencies": { + "uuidv4": "^6.2.13" + }, + "devDependencies": { + "@types/node": ">=16", + "@types/uuid": "^8", + "uuid": "^8" + }, + "_id": "demo-dev-dependencies@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project", + "_dependencies": { + "uuidv4": "^6.2.13" + }, + "peerDependencies": {}, + "dependencies": { + "@types/node": { + "version": "20.12.8", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "overridden": false, + "name": "@types/node", + "integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "dev": true, + "_id": "@types/node@20.12.8", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\@types\\node", + "_dependencies": { + "undici-types": "~5.26.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "undici-types": { + "version": "5.26.5", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "overridden": false, + "name": "undici-types", + "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "dev": true, + "_id": "undici-types@5.26.5", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\undici-types", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "@types/uuid": { + "version": "8.3.4", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "overridden": false, + "name": "@types/uuid", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\@types\\uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "overridden": false, + "name": "uuid", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuidv4": { + "version": "6.2.13", + "resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "overridden": false, + "name": "uuidv4", + "integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "optional": true, + "_id": "uuidv4@6.2.13", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\uuidv4", + "_dependencies": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "@types/uuid": { + "version": "8.3.4", + "name": "@types/uuid", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\@types\\uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "name": "uuid", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm9_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm9_node22_macos-latest.json new file mode 100644 index 00000000..bfa2ff31 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm9_node22_macos-latest.json @@ -0,0 +1,135 @@ +{ + "version": "0.0.0", + "name": "demo-dev-dependencies", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "private": true, + "license": "Apache-2.0", + "optionalDependencies": { + "uuidv4": "^6.2.13" + }, + "devDependencies": { + "@types/node": ">=16", + "@types/uuid": "^8", + "uuid": "^8" + }, + "_id": "demo-dev-dependencies@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "_dependencies": { + "uuidv4": "^6.2.13" + }, + "peerDependencies": {}, + "dependencies": { + "@types/node": { + "version": "20.12.8", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "overridden": false, + "name": "@types/node", + "integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "dev": true, + "_id": "@types/node@20.12.8", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/node", + "_dependencies": { + "undici-types": "~5.26.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "undici-types": { + "version": "5.26.5", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "overridden": false, + "name": "undici-types", + "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "dev": true, + "_id": "undici-types@5.26.5", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/undici-types", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "@types/uuid": { + "version": "8.3.4", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "overridden": false, + "name": "@types/uuid", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "overridden": false, + "name": "uuid", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuidv4": { + "version": "6.2.13", + "resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "overridden": false, + "name": "uuidv4", + "integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "optional": true, + "_id": "uuidv4@6.2.13", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuidv4", + "_dependencies": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "@types/uuid": { + "version": "8.3.4", + "name": "@types/uuid", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "name": "uuid", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm9_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm9_node22_ubuntu-latest.json new file mode 100644 index 00000000..a85a2677 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm9_node22_ubuntu-latest.json @@ -0,0 +1,135 @@ +{ + "version": "0.0.0", + "name": "demo-dev-dependencies", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "private": true, + "license": "Apache-2.0", + "optionalDependencies": { + "uuidv4": "^6.2.13" + }, + "devDependencies": { + "@types/node": ">=16", + "@types/uuid": "^8", + "uuid": "^8" + }, + "_id": "demo-dev-dependencies@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project", + "_dependencies": { + "uuidv4": "^6.2.13" + }, + "peerDependencies": {}, + "dependencies": { + "@types/node": { + "version": "20.12.8", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "overridden": false, + "name": "@types/node", + "integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "dev": true, + "_id": "@types/node@20.12.8", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/node", + "_dependencies": { + "undici-types": "~5.26.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "undici-types": { + "version": "5.26.5", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "overridden": false, + "name": "undici-types", + "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "dev": true, + "_id": "undici-types@5.26.5", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/undici-types", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "@types/uuid": { + "version": "8.3.4", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "overridden": false, + "name": "@types/uuid", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "overridden": false, + "name": "uuid", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuidv4": { + "version": "6.2.13", + "resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "overridden": false, + "name": "uuidv4", + "integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "optional": true, + "_id": "uuidv4@6.2.13", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuidv4", + "_dependencies": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "@types/uuid": { + "version": "8.3.4", + "name": "@types/uuid", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/@types/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "name": "uuid", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/dev-dependencies/project/node_modules/uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm9_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm9_node22_windows-latest.json new file mode 100644 index 00000000..e1755a3e --- /dev/null +++ b/tests/_data/npm-ls_demo-results/dev-dependencies/CI_results/npm-ls_npm9_node22_windows-latest.json @@ -0,0 +1,135 @@ +{ + "version": "0.0.0", + "name": "demo-dev-dependencies", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "private": true, + "license": "Apache-2.0", + "optionalDependencies": { + "uuidv4": "^6.2.13" + }, + "devDependencies": { + "@types/node": ">=16", + "@types/uuid": "^8", + "uuid": "^8" + }, + "_id": "demo-dev-dependencies@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project", + "_dependencies": { + "uuidv4": "^6.2.13" + }, + "peerDependencies": {}, + "dependencies": { + "@types/node": { + "version": "20.12.8", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "overridden": false, + "name": "@types/node", + "integrity": "sha512-NU0rJLJnshZWdE/097cdCBbyW1h4hEg0xpovcoAQYHl8dnEyp/NAOiE45pvc+Bd1Dt+2r94v2eGFpQJ4R7g+2w==", + "dev": true, + "_id": "@types/node@20.12.8", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\@types\\node", + "_dependencies": { + "undici-types": "~5.26.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "undici-types": { + "version": "5.26.5", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "overridden": false, + "name": "undici-types", + "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "dev": true, + "_id": "undici-types@5.26.5", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\undici-types", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "@types/uuid": { + "version": "8.3.4", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "overridden": false, + "name": "@types/uuid", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\@types\\uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "overridden": false, + "name": "uuid", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuidv4": { + "version": "6.2.13", + "resolved": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "overridden": false, + "name": "uuidv4", + "integrity": "sha512-AXyzMjazYB3ovL3q051VLH06Ixj//Knx7QnUSi1T//Ie3io6CpsPu9nVMOx5MoLWh6xV0B9J0hIaxungxXUbPQ==", + "optional": true, + "_id": "uuidv4@6.2.13", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\uuidv4", + "_dependencies": { + "@types/uuid": "8.3.4", + "uuid": "8.3.2" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "@types/uuid": { + "version": "8.3.4", + "name": "@types/uuid", + "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "integrity": "sha512-c/I8ZRb51j+pYGAu5CrFMRxqZ2ke4y2grEBO5AUjgSkSk+qT2Ea+OdWElz/OiMf5MNpn2b17kuVBwZLQJXzihw==", + "devOptional": true, + "_id": "@types/uuid@8.3.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\@types\\uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "uuid": { + "version": "8.3.2", + "name": "uuid", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "devOptional": true, + "bin": { + "uuid": "dist/bin/uuid" + }, + "_id": "uuid@8.3.2", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\dev-dependencies\\project\\node_modules\\uuid", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm10_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm10_node22_macos-latest.json new file mode 100644 index 00000000..f8995267 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm10_node22_macos-latest.json @@ -0,0 +1,61 @@ +{ + "version": "0.0.0", + "name": "demo-local-deps", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "private": true, + "license": "Apache-2.0", + "_id": "demo-local-deps@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "_dependencies": { + "my-local-a": "file:packages/my-local-a", + "my-noname": "file:packages/my-noname" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "file:../my-local-b" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-b", + "overridden": false, + "name": "my-local-b", + "license": "Apache-2.0", + "_id": "my-local-b@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-noname": { + "version": "0.0.0", + "resolved": "file:../packages/my-noname", + "overridden": false, + "name": "my-noname", + "license": "Apache-2.0", + "_id": "my-noname@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-noname", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm10_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm10_node22_ubuntu-latest.json new file mode 100644 index 00000000..214dd0a1 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm10_node22_ubuntu-latest.json @@ -0,0 +1,61 @@ +{ + "version": "0.0.0", + "name": "demo-local-deps", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "private": true, + "license": "Apache-2.0", + "_id": "demo-local-deps@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "_dependencies": { + "my-local-a": "file:packages/my-local-a", + "my-noname": "file:packages/my-noname" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "file:../my-local-b" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-b", + "overridden": false, + "name": "my-local-b", + "license": "Apache-2.0", + "_id": "my-local-b@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-noname": { + "version": "0.0.0", + "resolved": "file:../packages/my-noname", + "overridden": false, + "name": "my-noname", + "license": "Apache-2.0", + "_id": "my-noname@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-noname", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm10_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm10_node22_windows-latest.json new file mode 100644 index 00000000..ebbf0210 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm10_node22_windows-latest.json @@ -0,0 +1,61 @@ +{ + "version": "0.0.0", + "name": "demo-local-deps", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "private": true, + "license": "Apache-2.0", + "_id": "demo-local-deps@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project", + "_dependencies": { + "my-local-a": "file:packages/my-local-a", + "my-noname": "file:packages/my-noname" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\node_modules\\my-local-a", + "_dependencies": { + "my-local-b-off": "file:../my-local-b" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-b", + "overridden": false, + "name": "my-local-b", + "license": "Apache-2.0", + "_id": "my-local-b@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\node_modules\\my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-noname": { + "version": "0.0.0", + "resolved": "file:../packages/my-noname", + "overridden": false, + "name": "my-noname", + "license": "Apache-2.0", + "_id": "my-noname@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\node_modules\\my-noname", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm6_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm6_node22_macos-latest.json new file mode 100644 index 00000000..fbd2ebf8 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm6_node22_macos-latest.json @@ -0,0 +1,157 @@ +{ + "name": "demo-local-deps", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "private": true, + "version": "0.0.0", + "license": "Apache-2.0", + "dependencies": { + "my-local-a": { + "name": "my-local-a", + "description": "demo: my-local-a", + "private": true, + "version": "0.0.0", + "license": "Apache-2.0", + "repository": { + "type": "git", + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "directory": "demo/local-deps/project/packages/my-local-a" + }, + "dependencies": { + "my-local-b-off": { + "name": "my-local-b-off", + "description": "demo: my-local-b-off - a package with a different name than its dir", + "private": true, + "version": "0.0.0", + "license": "Apache-2.0", + "readme": "ERROR: No README data found!", + "_id": "my-local-b-off@0.0.0", + "_requested": { + "type": "directory", + "where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "raw": "my-local-b-off@file:packages/my-local-b", + "name": "my-local-b-off", + "escapedName": "my-local-b-off", + "rawSpec": "file:packages/my-local-b", + "saveSpec": "file:packages/my-local-b", + "fetchSpec": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/packages/my-local-b" + }, + "_spec": "file:packages/my-local-b", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "_args": [ + [ + "my-local-b-off@file:packages/my-local-b", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project" + ] + ], + "dependencies": {}, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-b-off", + "error": null, + "extraneous": false, + "link": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/packages/my-local-b" + } + }, + "bugs": { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues" + }, + "readme": "ERROR: No README data found!", + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "_id": "my-local-a@0.0.0", + "_requested": { + "type": "directory", + "where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "raw": "my-local-a@file:packages/my-local-a", + "name": "my-local-a", + "escapedName": "my-local-a", + "rawSpec": "file:packages/my-local-a", + "saveSpec": "file:packages/my-local-a", + "fetchSpec": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/packages/my-local-a" + }, + "_spec": "file:packages/my-local-a", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "_args": [ + [ + "my-local-a@file:packages/my-local-a", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project" + ] + ], + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": { + "my-local-b-off": "file:../my-local-b" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-a", + "error": "[Circular]", + "extraneous": false, + "link": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/packages/my-local-a" + }, + "my-noname": { + "name": "", + "description": "demo: with no/empty name", + "private": true, + "version": "0.0.0", + "license": "Apache-2.0", + "readme": "ERROR: No README data found!", + "_id": "@0.0.0", + "_requested": { + "type": "directory", + "where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "raw": "my-noname@file:packages/my-noname", + "name": "my-noname", + "escapedName": "my-noname", + "rawSpec": "file:packages/my-noname", + "saveSpec": "file:packages/my-noname", + "fetchSpec": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/packages/my-noname" + }, + "_spec": "file:packages/my-noname", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "_args": [ + [ + "my-noname@file:packages/my-noname", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project" + ] + ], + "dependencies": {}, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-noname", + "error": "[Circular]", + "extraneous": false, + "link": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/packages/my-noname" + } + }, + "readme": "ERROR: No README data found!", + "_id": "demo-local-deps@0.0.0", + "_shrinkwrap": { + "name": "demo-local-deps", + "version": "0.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "my-local-a": { + "version": "file:packages/my-local-a", + "requires": { + "my-local-b-off": "file:../my-local-b" + } + }, + "my-local-b-off": { + "version": "file:packages/my-local-b" + }, + "my-noname": { + "version": "file:packages/my-noname" + } + } + }, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": { + "my-local-a": "file:packages/my-local-a", + "my-noname": "file:packages/my-noname" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "error": "[Circular]", + "extraneous": false +} diff --git a/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm6_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm6_node22_ubuntu-latest.json new file mode 100644 index 00000000..1842b527 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm6_node22_ubuntu-latest.json @@ -0,0 +1,157 @@ +{ + "name": "demo-local-deps", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "private": true, + "version": "0.0.0", + "license": "Apache-2.0", + "dependencies": { + "my-local-a": { + "name": "my-local-a", + "description": "demo: my-local-a", + "private": true, + "version": "0.0.0", + "license": "Apache-2.0", + "repository": { + "type": "git", + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "directory": "demo/local-deps/project/packages/my-local-a" + }, + "dependencies": { + "my-local-b-off": { + "name": "my-local-b-off", + "description": "demo: my-local-b-off - a package with a different name than its dir", + "private": true, + "version": "0.0.0", + "license": "Apache-2.0", + "readme": "ERROR: No README data found!", + "_id": "my-local-b-off@0.0.0", + "_requested": { + "type": "directory", + "where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "raw": "my-local-b-off@file:packages/my-local-b", + "name": "my-local-b-off", + "escapedName": "my-local-b-off", + "rawSpec": "file:packages/my-local-b", + "saveSpec": "file:packages/my-local-b", + "fetchSpec": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/packages/my-local-b" + }, + "_spec": "file:packages/my-local-b", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "_args": [ + [ + "my-local-b-off@file:packages/my-local-b", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project" + ] + ], + "dependencies": {}, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-b-off", + "error": null, + "extraneous": false, + "link": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/packages/my-local-b" + } + }, + "bugs": { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues" + }, + "readme": "ERROR: No README data found!", + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "_id": "my-local-a@0.0.0", + "_requested": { + "type": "directory", + "where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "raw": "my-local-a@file:packages/my-local-a", + "name": "my-local-a", + "escapedName": "my-local-a", + "rawSpec": "file:packages/my-local-a", + "saveSpec": "file:packages/my-local-a", + "fetchSpec": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/packages/my-local-a" + }, + "_spec": "file:packages/my-local-a", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "_args": [ + [ + "my-local-a@file:packages/my-local-a", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project" + ] + ], + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": { + "my-local-b-off": "file:../my-local-b" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-a", + "error": "[Circular]", + "extraneous": false, + "link": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/packages/my-local-a" + }, + "my-noname": { + "name": "", + "description": "demo: with no/empty name", + "private": true, + "version": "0.0.0", + "license": "Apache-2.0", + "readme": "ERROR: No README data found!", + "_id": "@0.0.0", + "_requested": { + "type": "directory", + "where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "raw": "my-noname@file:packages/my-noname", + "name": "my-noname", + "escapedName": "my-noname", + "rawSpec": "file:packages/my-noname", + "saveSpec": "file:packages/my-noname", + "fetchSpec": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/packages/my-noname" + }, + "_spec": "file:packages/my-noname", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "_args": [ + [ + "my-noname@file:packages/my-noname", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project" + ] + ], + "dependencies": {}, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-noname", + "error": "[Circular]", + "extraneous": false, + "link": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/packages/my-noname" + } + }, + "readme": "ERROR: No README data found!", + "_id": "demo-local-deps@0.0.0", + "_shrinkwrap": { + "name": "demo-local-deps", + "version": "0.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "my-local-a": { + "version": "file:packages/my-local-a", + "requires": { + "my-local-b-off": "file:../my-local-b" + } + }, + "my-local-b-off": { + "version": "file:packages/my-local-b" + }, + "my-noname": { + "version": "file:packages/my-noname" + } + } + }, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": { + "my-local-a": "file:packages/my-local-a", + "my-noname": "file:packages/my-noname" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "error": "[Circular]", + "extraneous": false +} diff --git a/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm6_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm6_node22_windows-latest.json new file mode 100644 index 00000000..fe1ed3e2 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm6_node22_windows-latest.json @@ -0,0 +1,157 @@ +{ + "name": "demo-local-deps", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "private": true, + "version": "0.0.0", + "license": "Apache-2.0", + "dependencies": { + "my-local-a": { + "name": "my-local-a", + "description": "demo: my-local-a", + "private": true, + "version": "0.0.0", + "license": "Apache-2.0", + "repository": { + "type": "git", + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "directory": "demo/local-deps/project/packages/my-local-a" + }, + "dependencies": { + "my-local-b-off": { + "name": "my-local-b-off", + "description": "demo: my-local-b-off - a package with a different name than its dir", + "private": true, + "version": "0.0.0", + "license": "Apache-2.0", + "readme": "ERROR: No README data found!", + "_id": "my-local-b-off@0.0.0", + "_requested": { + "type": "directory", + "where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project", + "raw": "my-local-b-off@file:packages/my-local-b", + "name": "my-local-b-off", + "escapedName": "my-local-b-off", + "rawSpec": "file:packages/my-local-b", + "saveSpec": "file:packages\\my-local-b", + "fetchSpec": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\packages\\my-local-b" + }, + "_spec": "file:packages/my-local-b", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project", + "_args": [ + [ + "my-local-b-off@file:packages\\my-local-b", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project" + ] + ], + "dependencies": {}, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\node_modules\\my-local-b-off", + "error": null, + "extraneous": false, + "link": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\packages\\my-local-b" + } + }, + "bugs": { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues" + }, + "readme": "ERROR: No README data found!", + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "_id": "my-local-a@0.0.0", + "_requested": { + "type": "directory", + "where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project", + "raw": "my-local-a@file:packages/my-local-a", + "name": "my-local-a", + "escapedName": "my-local-a", + "rawSpec": "file:packages/my-local-a", + "saveSpec": "file:packages\\my-local-a", + "fetchSpec": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\packages\\my-local-a" + }, + "_spec": "file:packages/my-local-a", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project", + "_args": [ + [ + "my-local-a@file:packages\\my-local-a", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project" + ] + ], + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": { + "my-local-b-off": "file:../my-local-b" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\node_modules\\my-local-a", + "error": "[Circular]", + "extraneous": false, + "link": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\packages\\my-local-a" + }, + "my-noname": { + "name": "", + "description": "demo: with no/empty name", + "private": true, + "version": "0.0.0", + "license": "Apache-2.0", + "readme": "ERROR: No README data found!", + "_id": "@0.0.0", + "_requested": { + "type": "directory", + "where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project", + "raw": "my-noname@file:packages/my-noname", + "name": "my-noname", + "escapedName": "my-noname", + "rawSpec": "file:packages/my-noname", + "saveSpec": "file:packages\\my-noname", + "fetchSpec": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\packages\\my-noname" + }, + "_spec": "file:packages/my-noname", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project", + "_args": [ + [ + "my-noname@file:packages\\my-noname", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project" + ] + ], + "dependencies": {}, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\node_modules\\my-noname", + "error": "[Circular]", + "extraneous": false, + "link": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\packages\\my-noname" + } + }, + "readme": "ERROR: No README data found!", + "_id": "demo-local-deps@0.0.0", + "_shrinkwrap": { + "name": "demo-local-deps", + "version": "0.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "my-local-a": { + "version": "file:packages/my-local-a", + "requires": { + "my-local-b-off": "file:..\\my-local-b" + } + }, + "my-local-b-off": { + "version": "file:packages/my-local-b" + }, + "my-noname": { + "version": "file:packages/my-noname" + } + } + }, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": { + "my-local-a": "file:packages/my-local-a", + "my-noname": "file:packages/my-noname" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project", + "error": "[Circular]", + "extraneous": false +} diff --git a/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm7_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm7_node22_macos-latest.json new file mode 100644 index 00000000..d2fc372c --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm7_node22_macos-latest.json @@ -0,0 +1,58 @@ +{ + "version": "0.0.0", + "name": "demo-local-deps", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "private": true, + "license": "Apache-2.0", + "_id": "demo-local-deps@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "_dependencies": { + "my-local-a": "file:packages/my-local-a", + "my-noname": "file:packages/my-noname" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-a", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "file:../my-local-b" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-b", + "name": "my-local-b", + "license": "Apache-2.0", + "_id": "my-local-b@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-noname": { + "version": "0.0.0", + "resolved": "file:../packages/my-noname", + "name": "my-noname", + "license": "Apache-2.0", + "_id": "my-noname@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-noname", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm7_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm7_node22_ubuntu-latest.json new file mode 100644 index 00000000..a0ec399c --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm7_node22_ubuntu-latest.json @@ -0,0 +1,58 @@ +{ + "version": "0.0.0", + "name": "demo-local-deps", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "private": true, + "license": "Apache-2.0", + "_id": "demo-local-deps@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "_dependencies": { + "my-local-a": "file:packages/my-local-a", + "my-noname": "file:packages/my-noname" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-a", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "file:../my-local-b" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-b", + "name": "my-local-b", + "license": "Apache-2.0", + "_id": "my-local-b@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-noname": { + "version": "0.0.0", + "resolved": "file:../packages/my-noname", + "name": "my-noname", + "license": "Apache-2.0", + "_id": "my-noname@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-noname", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm7_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm7_node22_windows-latest.json new file mode 100644 index 00000000..ed8ab0cd --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm7_node22_windows-latest.json @@ -0,0 +1,58 @@ +{ + "version": "0.0.0", + "name": "demo-local-deps", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "private": true, + "license": "Apache-2.0", + "_id": "demo-local-deps@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project", + "_dependencies": { + "my-local-a": "file:packages/my-local-a", + "my-noname": "file:packages/my-noname" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-a", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\node_modules\\my-local-a", + "_dependencies": { + "my-local-b-off": "file:../my-local-b" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-b", + "name": "my-local-b", + "license": "Apache-2.0", + "_id": "my-local-b@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\node_modules\\my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-noname": { + "version": "0.0.0", + "resolved": "file:../packages/my-noname", + "name": "my-noname", + "license": "Apache-2.0", + "_id": "my-noname@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\node_modules\\my-noname", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm8_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm8_node22_macos-latest.json new file mode 100644 index 00000000..f8995267 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm8_node22_macos-latest.json @@ -0,0 +1,61 @@ +{ + "version": "0.0.0", + "name": "demo-local-deps", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "private": true, + "license": "Apache-2.0", + "_id": "demo-local-deps@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "_dependencies": { + "my-local-a": "file:packages/my-local-a", + "my-noname": "file:packages/my-noname" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "file:../my-local-b" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-b", + "overridden": false, + "name": "my-local-b", + "license": "Apache-2.0", + "_id": "my-local-b@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-noname": { + "version": "0.0.0", + "resolved": "file:../packages/my-noname", + "overridden": false, + "name": "my-noname", + "license": "Apache-2.0", + "_id": "my-noname@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-noname", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm8_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm8_node22_ubuntu-latest.json new file mode 100644 index 00000000..214dd0a1 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm8_node22_ubuntu-latest.json @@ -0,0 +1,61 @@ +{ + "version": "0.0.0", + "name": "demo-local-deps", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "private": true, + "license": "Apache-2.0", + "_id": "demo-local-deps@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "_dependencies": { + "my-local-a": "file:packages/my-local-a", + "my-noname": "file:packages/my-noname" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "file:../my-local-b" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-b", + "overridden": false, + "name": "my-local-b", + "license": "Apache-2.0", + "_id": "my-local-b@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-noname": { + "version": "0.0.0", + "resolved": "file:../packages/my-noname", + "overridden": false, + "name": "my-noname", + "license": "Apache-2.0", + "_id": "my-noname@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-noname", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm8_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm8_node22_windows-latest.json new file mode 100644 index 00000000..ebbf0210 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm8_node22_windows-latest.json @@ -0,0 +1,61 @@ +{ + "version": "0.0.0", + "name": "demo-local-deps", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "private": true, + "license": "Apache-2.0", + "_id": "demo-local-deps@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project", + "_dependencies": { + "my-local-a": "file:packages/my-local-a", + "my-noname": "file:packages/my-noname" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\node_modules\\my-local-a", + "_dependencies": { + "my-local-b-off": "file:../my-local-b" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-b", + "overridden": false, + "name": "my-local-b", + "license": "Apache-2.0", + "_id": "my-local-b@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\node_modules\\my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-noname": { + "version": "0.0.0", + "resolved": "file:../packages/my-noname", + "overridden": false, + "name": "my-noname", + "license": "Apache-2.0", + "_id": "my-noname@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\node_modules\\my-noname", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm9_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm9_node22_macos-latest.json new file mode 100644 index 00000000..f8995267 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm9_node22_macos-latest.json @@ -0,0 +1,61 @@ +{ + "version": "0.0.0", + "name": "demo-local-deps", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "private": true, + "license": "Apache-2.0", + "_id": "demo-local-deps@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "_dependencies": { + "my-local-a": "file:packages/my-local-a", + "my-noname": "file:packages/my-noname" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "file:../my-local-b" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-b", + "overridden": false, + "name": "my-local-b", + "license": "Apache-2.0", + "_id": "my-local-b@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-noname": { + "version": "0.0.0", + "resolved": "file:../packages/my-noname", + "overridden": false, + "name": "my-noname", + "license": "Apache-2.0", + "_id": "my-noname@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-noname", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm9_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm9_node22_ubuntu-latest.json new file mode 100644 index 00000000..214dd0a1 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm9_node22_ubuntu-latest.json @@ -0,0 +1,61 @@ +{ + "version": "0.0.0", + "name": "demo-local-deps", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "private": true, + "license": "Apache-2.0", + "_id": "demo-local-deps@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project", + "_dependencies": { + "my-local-a": "file:packages/my-local-a", + "my-noname": "file:packages/my-noname" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "file:../my-local-b" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-b", + "overridden": false, + "name": "my-local-b", + "license": "Apache-2.0", + "_id": "my-local-b@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-noname": { + "version": "0.0.0", + "resolved": "file:../packages/my-noname", + "overridden": false, + "name": "my-noname", + "license": "Apache-2.0", + "_id": "my-noname@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-dependencies/project/node_modules/my-noname", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm9_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm9_node22_windows-latest.json new file mode 100644 index 00000000..ebbf0210 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-dependencies/CI_results/npm-ls_npm9_node22_windows-latest.json @@ -0,0 +1,61 @@ +{ + "version": "0.0.0", + "name": "demo-local-deps", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "private": true, + "license": "Apache-2.0", + "_id": "demo-local-deps@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project", + "_dependencies": { + "my-local-a": "file:packages/my-local-a", + "my-noname": "file:packages/my-noname" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\node_modules\\my-local-a", + "_dependencies": { + "my-local-b-off": "file:../my-local-b" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../packages/my-local-b", + "overridden": false, + "name": "my-local-b", + "license": "Apache-2.0", + "_id": "my-local-b@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\node_modules\\my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-noname": { + "version": "0.0.0", + "resolved": "file:../packages/my-noname", + "overridden": false, + "name": "my-noname", + "license": "Apache-2.0", + "_id": "my-noname@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-dependencies\\project\\node_modules\\my-noname", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm10_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm10_node22_macos-latest.json new file mode 100644 index 00000000..42d85832 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm10_node22_macos-latest.json @@ -0,0 +1,103 @@ +{ + "version": "0.0.0", + "name": "demo-workspaces", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "private": true, + "license": "Apache-2.0", + "workspaces": [ + "workspaces/*" + ], + "_id": "demo-workspaces@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project", + "_dependencies": { + "my-local-a": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "resolved": "file:../workspaces/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../workspaces/my-local-b", + "overridden": false, + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-c": { + "version": "0.23.42", + "resolved": "file:../workspaces/my-local", + "overridden": false, + "name": "my-local-c", + "license": "Apache-2.0", + "_id": "my-local-c@0.23.42", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-c", + "_dependencies": { + "my-local-a": "*", + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm10_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm10_node22_ubuntu-latest.json new file mode 100644 index 00000000..1075dfd9 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm10_node22_ubuntu-latest.json @@ -0,0 +1,103 @@ +{ + "version": "0.0.0", + "name": "demo-workspaces", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "private": true, + "license": "Apache-2.0", + "workspaces": [ + "workspaces/*" + ], + "_id": "demo-workspaces@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project", + "_dependencies": { + "my-local-a": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "resolved": "file:../workspaces/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../workspaces/my-local-b", + "overridden": false, + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-c": { + "version": "0.23.42", + "resolved": "file:../workspaces/my-local", + "overridden": false, + "name": "my-local-c", + "license": "Apache-2.0", + "_id": "my-local-c@0.23.42", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-c", + "_dependencies": { + "my-local-a": "*", + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm10_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm10_node22_windows-latest.json new file mode 100644 index 00000000..c7483e1e --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm10_node22_windows-latest.json @@ -0,0 +1,103 @@ +{ + "version": "0.0.0", + "name": "demo-workspaces", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "private": true, + "license": "Apache-2.0", + "workspaces": [ + "workspaces/*" + ], + "_id": "demo-workspaces@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project", + "_dependencies": { + "my-local-a": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "resolved": "file:../workspaces/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../workspaces/my-local-b", + "overridden": false, + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-c": { + "version": "0.23.42", + "resolved": "file:../workspaces/my-local", + "overridden": false, + "name": "my-local-c", + "license": "Apache-2.0", + "_id": "my-local-c@0.23.42", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-c", + "_dependencies": { + "my-local-a": "*", + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm7_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm7_node22_macos-latest.json new file mode 100644 index 00000000..125be665 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm7_node22_macos-latest.json @@ -0,0 +1,100 @@ +{ + "version": "0.0.0", + "name": "demo-workspaces", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "private": true, + "license": "Apache-2.0", + "workspaces": [ + "workspaces/*" + ], + "_id": "demo-workspaces@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project", + "_dependencies": { + "my-local-a": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "resolved": "file:../workspaces/my-local-a", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../workspaces/my-local-b", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-c": { + "version": "0.23.42", + "resolved": "file:../workspaces/my-local", + "name": "my-local-c", + "license": "Apache-2.0", + "_id": "my-local-c@0.23.42", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-c", + "_dependencies": { + "my-local-a": "*", + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm7_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm7_node22_ubuntu-latest.json new file mode 100644 index 00000000..a023e5a4 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm7_node22_ubuntu-latest.json @@ -0,0 +1,100 @@ +{ + "version": "0.0.0", + "name": "demo-workspaces", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "private": true, + "license": "Apache-2.0", + "workspaces": [ + "workspaces/*" + ], + "_id": "demo-workspaces@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project", + "_dependencies": { + "my-local-a": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "resolved": "file:../workspaces/my-local-a", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../workspaces/my-local-b", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-c": { + "version": "0.23.42", + "resolved": "file:../workspaces/my-local", + "name": "my-local-c", + "license": "Apache-2.0", + "_id": "my-local-c@0.23.42", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-c", + "_dependencies": { + "my-local-a": "*", + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm7_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm7_node22_windows-latest.json new file mode 100644 index 00000000..5e40727c --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm7_node22_windows-latest.json @@ -0,0 +1,100 @@ +{ + "version": "0.0.0", + "name": "demo-workspaces", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "private": true, + "license": "Apache-2.0", + "workspaces": [ + "workspaces/*" + ], + "_id": "demo-workspaces@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project", + "_dependencies": { + "my-local-a": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "resolved": "file:../workspaces/my-local-a", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../workspaces/my-local-b", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-c": { + "version": "0.23.42", + "resolved": "file:../workspaces/my-local", + "name": "my-local-c", + "license": "Apache-2.0", + "_id": "my-local-c@0.23.42", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-c", + "_dependencies": { + "my-local-a": "*", + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm8_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm8_node22_macos-latest.json new file mode 100644 index 00000000..42d85832 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm8_node22_macos-latest.json @@ -0,0 +1,103 @@ +{ + "version": "0.0.0", + "name": "demo-workspaces", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "private": true, + "license": "Apache-2.0", + "workspaces": [ + "workspaces/*" + ], + "_id": "demo-workspaces@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project", + "_dependencies": { + "my-local-a": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "resolved": "file:../workspaces/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../workspaces/my-local-b", + "overridden": false, + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-c": { + "version": "0.23.42", + "resolved": "file:../workspaces/my-local", + "overridden": false, + "name": "my-local-c", + "license": "Apache-2.0", + "_id": "my-local-c@0.23.42", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-c", + "_dependencies": { + "my-local-a": "*", + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm8_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm8_node22_ubuntu-latest.json new file mode 100644 index 00000000..1075dfd9 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm8_node22_ubuntu-latest.json @@ -0,0 +1,103 @@ +{ + "version": "0.0.0", + "name": "demo-workspaces", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "private": true, + "license": "Apache-2.0", + "workspaces": [ + "workspaces/*" + ], + "_id": "demo-workspaces@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project", + "_dependencies": { + "my-local-a": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "resolved": "file:../workspaces/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../workspaces/my-local-b", + "overridden": false, + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-c": { + "version": "0.23.42", + "resolved": "file:../workspaces/my-local", + "overridden": false, + "name": "my-local-c", + "license": "Apache-2.0", + "_id": "my-local-c@0.23.42", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-c", + "_dependencies": { + "my-local-a": "*", + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm8_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm8_node22_windows-latest.json new file mode 100644 index 00000000..c7483e1e --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm8_node22_windows-latest.json @@ -0,0 +1,103 @@ +{ + "version": "0.0.0", + "name": "demo-workspaces", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "private": true, + "license": "Apache-2.0", + "workspaces": [ + "workspaces/*" + ], + "_id": "demo-workspaces@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project", + "_dependencies": { + "my-local-a": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "resolved": "file:../workspaces/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../workspaces/my-local-b", + "overridden": false, + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-c": { + "version": "0.23.42", + "resolved": "file:../workspaces/my-local", + "overridden": false, + "name": "my-local-c", + "license": "Apache-2.0", + "_id": "my-local-c@0.23.42", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-c", + "_dependencies": { + "my-local-a": "*", + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm9_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm9_node22_macos-latest.json new file mode 100644 index 00000000..42d85832 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm9_node22_macos-latest.json @@ -0,0 +1,103 @@ +{ + "version": "0.0.0", + "name": "demo-workspaces", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "private": true, + "license": "Apache-2.0", + "workspaces": [ + "workspaces/*" + ], + "_id": "demo-workspaces@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project", + "_dependencies": { + "my-local-a": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "resolved": "file:../workspaces/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../workspaces/my-local-b", + "overridden": false, + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-c": { + "version": "0.23.42", + "resolved": "file:../workspaces/my-local", + "overridden": false, + "name": "my-local-c", + "license": "Apache-2.0", + "_id": "my-local-c@0.23.42", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-c", + "_dependencies": { + "my-local-a": "*", + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm9_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm9_node22_ubuntu-latest.json new file mode 100644 index 00000000..1075dfd9 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm9_node22_ubuntu-latest.json @@ -0,0 +1,103 @@ +{ + "version": "0.0.0", + "name": "demo-workspaces", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "private": true, + "license": "Apache-2.0", + "workspaces": [ + "workspaces/*" + ], + "_id": "demo-workspaces@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project", + "_dependencies": { + "my-local-a": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "resolved": "file:../workspaces/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../workspaces/my-local-b", + "overridden": false, + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-c": { + "version": "0.23.42", + "resolved": "file:../workspaces/my-local", + "overridden": false, + "name": "my-local-c", + "license": "Apache-2.0", + "_id": "my-local-c@0.23.42", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-c", + "_dependencies": { + "my-local-a": "*", + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/local-workspaces/project/node_modules/my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm9_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm9_node22_windows-latest.json new file mode 100644 index 00000000..c7483e1e --- /dev/null +++ b/tests/_data/npm-ls_demo-results/local-workspaces/CI_results/npm-ls_npm9_node22_windows-latest.json @@ -0,0 +1,103 @@ +{ + "version": "0.0.0", + "name": "demo-workspaces", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "private": true, + "license": "Apache-2.0", + "workspaces": [ + "workspaces/*" + ], + "_id": "demo-workspaces@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project", + "_dependencies": { + "my-local-a": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "resolved": "file:../workspaces/my-local-a", + "overridden": false, + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "my-local-b-off": { + "version": "0.0.0", + "resolved": "file:../workspaces/my-local-b", + "overridden": false, + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-c": { + "version": "0.23.42", + "resolved": "file:../workspaces/my-local", + "overridden": false, + "name": "my-local-c", + "license": "Apache-2.0", + "_id": "my-local-c@0.23.42", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-c", + "_dependencies": { + "my-local-a": "*", + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "my-local-a": { + "version": "0.1.0", + "name": "my-local-a", + "license": "Apache-2.0", + "_id": "my-local-a@0.1.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-a", + "_dependencies": { + "my-local-b-off": "*" + }, + "devDependencies": {}, + "peerDependencies": {} + }, + "my-local-b-off": { + "version": "0.0.0", + "name": "my-local-b-off", + "license": "Apache-2.0", + "_id": "my-local-b-off@0.0.0", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\local-workspaces\\project\\node_modules\\my-local-b-off", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + } + } +} diff --git a/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm10_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm10_node22_macos-latest.json new file mode 100644 index 00000000..51bd0291 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm10_node22_macos-latest.json @@ -0,0 +1,97 @@ +{ + "name": "demo-package-integrity", + "description": "demo: package-integrity -- packages with different integrity information.", + "private": true, + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "_dependencies": { + "buffer": "^5.4.3", + "ignore": "^5.1.4", + "base64-js": "1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=", + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "_id": "base64-js@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "buffer": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "overridden": false, + "name": "buffer", + "integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "license": "MIT", + "_id": "buffer@5.4.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer", + "_dependencies": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=", + "license": "MIT", + "_id": "base64-js@1.3.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer/node_modules/base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "ieee754": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "overridden": false, + "name": "ieee754", + "integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=", + "license": "BSD-3-Clause", + "_id": "ieee754@1.1.13", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ieee754", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "ignore": { + "version": "5.1.4", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "overridden": false, + "name": "ignore", + "integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==", + "license": "MIT", + "engines": { + "node": ">= 4" + }, + "_id": "ignore@5.1.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ignore", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm10_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm10_node22_ubuntu-latest.json new file mode 100644 index 00000000..f1614a36 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm10_node22_ubuntu-latest.json @@ -0,0 +1,97 @@ +{ + "name": "demo-package-integrity", + "description": "demo: package-integrity -- packages with different integrity information.", + "private": true, + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "_dependencies": { + "buffer": "^5.4.3", + "ignore": "^5.1.4", + "base64-js": "1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=", + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "_id": "base64-js@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "buffer": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "overridden": false, + "name": "buffer", + "integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "license": "MIT", + "_id": "buffer@5.4.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer", + "_dependencies": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=", + "license": "MIT", + "_id": "base64-js@1.3.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer/node_modules/base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "ieee754": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "overridden": false, + "name": "ieee754", + "integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=", + "license": "BSD-3-Clause", + "_id": "ieee754@1.1.13", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ieee754", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "ignore": { + "version": "5.1.4", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "overridden": false, + "name": "ignore", + "integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==", + "license": "MIT", + "engines": { + "node": ">= 4" + }, + "_id": "ignore@5.1.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ignore", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm10_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm10_node22_windows-latest.json new file mode 100644 index 00000000..72a9a672 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm10_node22_windows-latest.json @@ -0,0 +1,97 @@ +{ + "name": "demo-package-integrity", + "description": "demo: package-integrity -- packages with different integrity information.", + "private": true, + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project", + "_dependencies": { + "buffer": "^5.4.3", + "ignore": "^5.1.4", + "base64-js": "1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=", + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "_id": "base64-js@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "buffer": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "overridden": false, + "name": "buffer", + "integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "license": "MIT", + "_id": "buffer@5.4.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\buffer", + "_dependencies": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=", + "license": "MIT", + "_id": "base64-js@1.3.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\buffer\\node_modules\\base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "ieee754": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "overridden": false, + "name": "ieee754", + "integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=", + "license": "BSD-3-Clause", + "_id": "ieee754@1.1.13", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\ieee754", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "ignore": { + "version": "5.1.4", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "overridden": false, + "name": "ignore", + "integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==", + "license": "MIT", + "engines": { + "node": ">= 4" + }, + "_id": "ignore@5.1.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\ignore", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm6_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm6_node22_macos-latest.json new file mode 100644 index 00000000..fe3fe716 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm6_node22_macos-latest.json @@ -0,0 +1,531 @@ +{ + "name": "demo-package-integrity", + "description": "demo: package-integrity -- packages with different integrity information.", + "private": true, + "dependencies": { + "base64-js": { + "_args": [ + [ + "base64-js@1.0.1", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ], + [ + "base64-js@1.0.1", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ] + ], + "_from": "base64-js@1.0.1", + "_id": "base64-js@1.0.1", + "_integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=", + "_location": "/base64-js", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "base64-js@1.0.1", + "name": "base64-js", + "escapedName": "base64-js", + "rawSpec": "1.0.1", + "saveSpec": null, + "fetchSpec": "1.0.1" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "_spec": "1.0.1", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "author": { + "name": "T. Jameson Little", + "email": "t.jameson.little@gmail.com" + }, + "bugs": { + "url": "https://github.com/beatgammit/base64-js/issues" + }, + "dependencies": {}, + "description": "Base64 encoding/decoding in pure JS", + "devDependencies": { + "standard": "^5.2.2", + "tape": "4.x" + }, + "engines": { + "node": ">= 0.4" + }, + "homepage": "https://github.com/beatgammit/base64-js#readme", + "license": "MIT", + "main": "lib/b64.js", + "name": "base64-js", + "repository": { + "type": "git", + "url": "git://github.com/beatgammit/base64-js.git" + }, + "scripts": { + "test": "standard && tape test/*.js" + }, + "testling": { + "files": "test/*.js", + "browsers": [ + "ie/6..latest", + "chrome/4..latest", + "firefox/3..latest", + "safari/5.1..latest", + "opera/11.0..latest", + "iphone/6", + "ipad/6" + ] + }, + "version": "1.0.1", + "readme": "base64-js\n=========\n\n`base64-js` does basic base64 encoding/decoding in pure JS.\n\n[![build status](https://secure.travis-ci.org/beatgammit/base64-js.png)](http://travis-ci.org/beatgammit/base64-js)\n\n[![testling badge](https://ci.testling.com/beatgammit/base64-js.png)](https://ci.testling.com/beatgammit/base64-js)\n\nMany browsers already have base64 encoding/decoding functionality, but it is for text data, not all-purpose binary data.\n\nSometimes encoding/decoding binary data in the browser is useful, and that is what this module does.\n\n## install\n\nWith [npm](https://npmjs.org) do:\n\n`npm install base64-js`\n\n## methods\n\n`var base64 = require('base64-js')`\n\n`base64` has two exposed functions, `toByteArray` and `fromByteArray`, which both take a single argument.\n\n* `toByteArray` - Takes a base64 string and returns a byte array\n* `fromByteArray` - Takes a byte array and returns a base64 string\n\n## license\n\nMIT", + "readmeFilename": "README.md", + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/base64-js", + "error": "[Circular]", + "extraneous": false + }, + "buffer": { + "_args": [ + [ + "buffer@5.4.3", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ], + [ + "buffer@5.4.3", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ] + ], + "_from": "buffer@5.4.3", + "_id": "buffer@5.4.3", + "_integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "_location": "/buffer", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "buffer@5.4.3", + "name": "buffer", + "escapedName": "buffer", + "rawSpec": "5.4.3", + "saveSpec": "[Circular]", + "fetchSpec": "5.4.3" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "_spec": "5.4.3", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "author": { + "name": "Feross Aboukhadijeh", + "email": "feross@feross.org", + "url": "http://feross.org" + }, + "bugs": { + "url": "https://github.com/feross/buffer/issues" + }, + "contributors": [ + { + "name": "Romain Beauxis", + "email": "toots@rastageeks.org" + }, + { + "name": "James Halliday", + "email": "mail@substack.net" + } + ], + "dependencies": { + "base64-js": { + "_args": [ + [ + "base64-js@1.3.1", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ], + [ + "base64-js@1.3.1", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ] + ], + "_from": "base64-js@1.3.1", + "_id": "base64-js@1.3.1", + "_integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=", + "_location": "/buffer/base64-js", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "base64-js@1.3.1", + "name": "base64-js", + "escapedName": "base64-js", + "rawSpec": "1.3.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.3.1" + }, + "_requiredBy": [ + "/buffer" + ], + "_resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "_spec": "1.3.1", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "author": { + "name": "T. Jameson Little", + "email": "t.jameson.little@gmail.com" + }, + "bugs": { + "url": "https://github.com/beatgammit/base64-js/issues" + }, + "description": "Base64 encoding/decoding in pure JS", + "devDependencies": { + "benchmark": "^2.1.4", + "browserify": "^16.3.0", + "standard": "*", + "tape": "4.x", + "uglify-js": "^3.6.0" + }, + "homepage": "https://github.com/beatgammit/base64-js", + "keywords": [ + "base64" + ], + "license": "MIT", + "main": "index.js", + "name": "base64-js", + "repository": { + "type": "git", + "url": "git://github.com/beatgammit/base64-js.git" + }, + "scripts": { + "build": "browserify -s base64js -r ./ | uglifyjs -m > base64js.min.js", + "lint": "standard", + "test": "npm run lint && npm run unit", + "unit": "tape test/*.js" + }, + "version": "1.3.1", + "readme": "base64-js\n=========\n\n`base64-js` does basic base64 encoding/decoding in pure JS.\n\n[![build status](https://secure.travis-ci.org/beatgammit/base64-js.png)](http://travis-ci.org/beatgammit/base64-js)\n\nMany browsers already have base64 encoding/decoding functionality, but it is for text data, not all-purpose binary data.\n\nSometimes encoding/decoding binary data in the browser is useful, and that is what this module does.\n\n## install\n\nWith [npm](https://npmjs.org) do:\n\n`npm install base64-js` and `var base64js = require('base64-js')`\n\nFor use in web browsers do:\n\n``\n\n## methods\n\n`base64js` has three exposed functions, `byteLength`, `toByteArray` and `fromByteArray`, which both take a single argument.\n\n* `byteLength` - Takes a base64 string and returns length of byte array\n* `toByteArray` - Takes a base64 string and returns a byte array\n* `fromByteArray` - Takes a byte array and returns a base64 string\n\n## license\n\nMIT\n", + "readmeFilename": "README.md", + "dependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer/node_modules/base64-js", + "error": "[Circular]", + "extraneous": false + }, + "ieee754": { + "_args": [ + [ + "ieee754@1.1.13", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ], + [ + "ieee754@1.1.13", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ] + ], + "_from": "ieee754@1.1.13", + "_id": "ieee754@1.1.13", + "_integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=", + "_location": "/ieee754", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "ieee754@1.1.13", + "name": "ieee754", + "escapedName": "ieee754", + "rawSpec": "1.1.13", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.13" + }, + "_requiredBy": [ + "/buffer" + ], + "_resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "_spec": "1.1.13", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "author": { + "name": "Feross Aboukhadijeh", + "email": "feross@feross.org", + "url": "http://feross.org" + }, + "bugs": { + "url": "https://github.com/feross/ieee754/issues" + }, + "contributors": [ + { + "name": "Romain Beauxis", + "email": "toots@rastageeks.org" + } + ], + "description": "Read/write IEEE754 floating point numbers from/to a Buffer or array-like object", + "devDependencies": { + "airtap": "0.1.0", + "standard": "*", + "tape": "^4.0.0" + }, + "homepage": "https://github.com/feross/ieee754#readme", + "keywords": [ + "IEEE 754", + "buffer", + "convert", + "floating point", + "ieee754" + ], + "license": "BSD-3-Clause", + "main": "index.js", + "name": "ieee754", + "repository": { + "type": "git", + "url": "git://github.com/feross/ieee754.git" + }, + "scripts": { + "test": "standard && npm run test-node && npm run test-browser", + "test-browser": "airtap -- test/*.js", + "test-browser-local": "airtap --local -- test/*.js", + "test-node": "tape test/*.js" + }, + "version": "1.1.13", + "readme": "# ieee754 [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url]\n\n[travis-image]: https://img.shields.io/travis/feross/ieee754/master.svg\n[travis-url]: https://travis-ci.org/feross/ieee754\n[npm-image]: https://img.shields.io/npm/v/ieee754.svg\n[npm-url]: https://npmjs.org/package/ieee754\n[downloads-image]: https://img.shields.io/npm/dm/ieee754.svg\n[downloads-url]: https://npmjs.org/package/ieee754\n[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg\n[standard-url]: https://standardjs.com\n\n[![saucelabs][saucelabs-image]][saucelabs-url]\n\n[saucelabs-image]: https://saucelabs.com/browser-matrix/ieee754.svg\n[saucelabs-url]: https://saucelabs.com/u/ieee754\n\n### Read/write IEEE754 floating point numbers from/to a Buffer or array-like object.\n\n## install\n\n```\nnpm install ieee754\n```\n\n[Get supported ieee754 with the Tidelift Subscription](https://tidelift.com/subscription/pkg/npm-ieee754?utm_source=npm-ieee754&utm_medium=referral&utm_campaign=readme)\n\n## methods\n\n`var ieee754 = require('ieee754')`\n\nThe `ieee754` object has the following functions:\n\n```\nieee754.read = function (buffer, offset, isLE, mLen, nBytes)\nieee754.write = function (buffer, value, offset, isLE, mLen, nBytes)\n```\n\nThe arguments mean the following:\n\n- buffer = the buffer\n- offset = offset into the buffer\n- value = value to set (only for `write`)\n- isLe = is little endian?\n- mLen = mantissa length\n- nBytes = number of bytes\n\n## what is ieee754?\n\nThe IEEE Standard for Floating-Point Arithmetic (IEEE 754) is a technical standard for floating-point computation. [Read more](http://en.wikipedia.org/wiki/IEEE_floating_point).\n\n## license\n\nBSD 3 Clause. Copyright (c) 2008, Fair Oaks Labs, Inc.\n", + "readmeFilename": "README.md", + "dependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ieee754", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Node.js Buffer API, for the browser", + "devDependencies": { + "airtap": "^2.0.3", + "benchmark": "^2.0.0", + "browserify": "^16.1.0", + "concat-stream": "^2.0.0", + "hyperquest": "^2.0.0", + "is-buffer": "^2.0.0", + "is-nan": "^1.0.1", + "split": "^1.0.0", + "standard": "*", + "tape": "^4.0.0", + "through2": "^3.0.1", + "uglify-js": "^3.4.5" + }, + "homepage": "https://github.com/feross/buffer", + "jspm": { + "map": { + "./index.js": { + "node": "@node/buffer" + } + } + }, + "keywords": [ + "arraybuffer", + "browser", + "browserify", + "buffer", + "compatible", + "dataview", + "uint8array" + ], + "license": "MIT", + "main": "index.js", + "name": "buffer", + "repository": { + "type": "git", + "url": "git://github.com/feross/buffer.git" + }, + "scripts": { + "perf": "browserify --debug perf/bracket-notation.js > perf/bundle.js && open perf/index.html", + "perf-node": "node perf/bracket-notation.js && node perf/concat.js && node perf/copy-big.js && node perf/copy.js && node perf/new-big.js && node perf/new.js && node perf/readDoubleBE.js && node perf/readFloatBE.js && node perf/readUInt32LE.js && node perf/slice.js && node perf/writeFloatBE.js", + "size": "browserify -r ./ | uglifyjs -c -m | gzip | wc -c", + "test": "standard && node ./bin/test.js", + "test-browser-es5": "airtap -- test/*.js", + "test-browser-es5-local": "airtap --local -- test/*.js", + "test-browser-es6": "airtap -- test/*.js test/node/*.js", + "test-browser-es6-local": "airtap --local -- test/*.js test/node/*.js", + "test-node": "tape test/*.js test/node/*.js", + "update-authors": "./bin/update-authors.sh" + }, + "standard": { + "ignore": [ + "test/node/**/*.js", + "test/common.js", + "test/_polyfill.js", + "perf/**/*.js" + ] + }, + "types": "index.d.ts", + "version": "5.4.3", + "readme": "# buffer [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url]\n\n[travis-image]: https://img.shields.io/travis/feross/buffer/master.svg\n[travis-url]: https://travis-ci.org/feross/buffer\n[npm-image]: https://img.shields.io/npm/v/buffer.svg\n[npm-url]: https://npmjs.org/package/buffer\n[downloads-image]: https://img.shields.io/npm/dm/buffer.svg\n[downloads-url]: https://npmjs.org/package/buffer\n[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg\n[standard-url]: https://standardjs.com\n\n#### The buffer module from [node.js](https://nodejs.org/), for the browser.\n\n[![saucelabs][saucelabs-image]][saucelabs-url]\n\n[saucelabs-image]: https://saucelabs.com/browser-matrix/buffer.svg\n[saucelabs-url]: https://saucelabs.com/u/buffer\n\nWith [browserify](http://browserify.org), simply `require('buffer')` or use the `Buffer` global and you will get this module.\n\nThe goal is to provide an API that is 100% identical to\n[node's Buffer API](https://nodejs.org/api/buffer.html). Read the\n[official docs](https://nodejs.org/api/buffer.html) for the full list of properties,\ninstance methods, and class methods that are supported.\n\n## features\n\n- Manipulate binary data like a boss, in all browsers!\n- Super fast. Backed by Typed Arrays (`Uint8Array`/`ArrayBuffer`, not `Object`)\n- Extremely small bundle size (**6.75KB minified + gzipped**, 51.9KB with comments)\n- Excellent browser support (Chrome, Firefox, Edge, Safari 9+, IE 11, iOS 9+, Android, etc.)\n- Preserves Node API exactly, with one minor difference (see below)\n- Square-bracket `buf[4]` notation works!\n- Does not modify any browser prototypes or put anything on `window`\n- Comprehensive test suite (including all buffer tests from node.js core)\n\n\n## install\n\nTo use this module directly (without browserify), install it:\n\n```bash\nnpm install buffer\n```\n\n[Get supported buffer with the Tidelift Subscription](https://tidelift.com/subscription/pkg/npm-buffer?utm_source=npm-buffer&utm_medium=referral&utm_campaign=readme)\n\nThis module was previously called **native-buffer-browserify**, but please use **buffer**\nfrom now on.\n\nIf you do not use a bundler, you can use the [standalone script](https://bundle.run/buffer).\n\n## usage\n\nThe module's API is identical to node's `Buffer` API. Read the\n[official docs](https://nodejs.org/api/buffer.html) for the full list of properties,\ninstance methods, and class methods that are supported.\n\nAs mentioned above, `require('buffer')` or use the `Buffer` global with\n[browserify](http://browserify.org) and this module will automatically be included\nin your bundle. Almost any npm module will work in the browser, even if it assumes that\nthe node `Buffer` API will be available.\n\nTo depend on this module explicitly (without browserify), require it like this:\n\n```js\nvar Buffer = require('buffer/').Buffer // note: the trailing slash is important!\n```\n\nTo require this module explicitly, use `require('buffer/')` which tells the node.js module\nlookup algorithm (also used by browserify) to use the **npm module** named `buffer`\ninstead of the **node.js core** module named `buffer`!\n\n\n## how does it work?\n\nThe Buffer constructor returns instances of `Uint8Array` that have their prototype\nchanged to `Buffer.prototype`. Furthermore, `Buffer` is a subclass of `Uint8Array`,\nso the returned instances will have all the node `Buffer` methods and the\n`Uint8Array` methods. Square bracket notation works as expected -- it returns a\nsingle octet.\n\nThe `Uint8Array` prototype remains unmodified.\n\n\n## tracking the latest node api\n\nThis module tracks the Buffer API in the latest (unstable) version of node.js. The Buffer\nAPI is considered **stable** in the\n[node stability index](https://nodejs.org/docs/latest/api/documentation.html#documentation_stability_index),\nso it is unlikely that there will ever be breaking changes.\nNonetheless, when/if the Buffer API changes in node, this module's API will change\naccordingly.\n\n## related packages\n\n- [`buffer-reverse`](https://www.npmjs.com/package/buffer-reverse) - Reverse a buffer\n- [`buffer-xor`](https://www.npmjs.com/package/buffer-xor) - Bitwise xor a buffer\n- [`is-buffer`](https://www.npmjs.com/package/is-buffer) - Determine if an object is a Buffer without including the whole `Buffer` package\n\n## conversion packages\n\n### convert typed array to buffer\n\nUse [`typedarray-to-buffer`](https://www.npmjs.com/package/typedarray-to-buffer) to convert any kind of typed array to a `Buffer`. Does not perform a copy, so it's super fast.\n\n### convert buffer to typed array\n\n`Buffer` is a subclass of `Uint8Array` (which is a typed array). So there is no need to explicitly convert to typed array. Just use the buffer as a `Uint8Array`.\n\n### convert blob to buffer\n\nUse [`blob-to-buffer`](https://www.npmjs.com/package/blob-to-buffer) to convert a `Blob` to a `Buffer`.\n\n### convert buffer to blob\n\nTo convert a `Buffer` to a `Blob`, use the `Blob` constructor:\n\n```js\nvar blob = new Blob([ buffer ])\n```\n\nOptionally, specify a mimetype:\n\n```js\nvar blob = new Blob([ buffer ], { type: 'text/html' })\n```\n\n### convert arraybuffer to buffer\n\nTo convert an `ArrayBuffer` to a `Buffer`, use the `Buffer.from` function. Does not perform a copy, so it's super fast.\n\n```js\nvar buffer = Buffer.from(arrayBuffer)\n```\n\n### convert buffer to arraybuffer\n\nTo convert a `Buffer` to an `ArrayBuffer`, use the `.buffer` property (which is present on all `Uint8Array` objects):\n\n```js\nvar arrayBuffer = buffer.buffer.slice(\n buffer.byteOffset, buffer.byteOffset + buffer.byteLength\n)\n```\n\nAlternatively, use the [`to-arraybuffer`](https://www.npmjs.com/package/to-arraybuffer) module.\n\n## performance\n\nSee perf tests in `/perf`.\n\n`BrowserBuffer` is the browser `buffer` module (this repo). `Uint8Array` is included as a\nsanity check (since `BrowserBuffer` uses `Uint8Array` under the hood, `Uint8Array` will\nalways be at least a bit faster). Finally, `NodeBuffer` is the node.js buffer module,\nwhich is included to compare against.\n\nNOTE: Performance has improved since these benchmarks were taken. PR welcome to update the README.\n\n### Chrome 38\n\n| Method | Operations | Accuracy | Sampled | Fastest |\n|:-------|:-----------|:---------|:--------|:-------:|\n| BrowserBuffer#bracket-notation | 11,457,464 ops/sec | ±0.86% | 66 | ✓ |\n| Uint8Array#bracket-notation | 10,824,332 ops/sec | ±0.74% | 65 | |\n| | | | |\n| BrowserBuffer#concat | 450,532 ops/sec | ±0.76% | 68 | |\n| Uint8Array#concat | 1,368,911 ops/sec | ±1.50% | 62 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16000) | 903,001 ops/sec | ±0.96% | 67 | |\n| Uint8Array#copy(16000) | 1,422,441 ops/sec | ±1.04% | 66 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16) | 11,431,358 ops/sec | ±0.46% | 69 | |\n| Uint8Array#copy(16) | 13,944,163 ops/sec | ±1.12% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#new(16000) | 106,329 ops/sec | ±6.70% | 44 | |\n| Uint8Array#new(16000) | 131,001 ops/sec | ±2.85% | 31 | ✓ |\n| | | | |\n| BrowserBuffer#new(16) | 1,554,491 ops/sec | ±1.60% | 65 | |\n| Uint8Array#new(16) | 6,623,930 ops/sec | ±1.66% | 65 | ✓ |\n| | | | |\n| BrowserBuffer#readDoubleBE | 112,830 ops/sec | ±0.51% | 69 | ✓ |\n| DataView#getFloat64 | 93,500 ops/sec | ±0.57% | 68 | |\n| | | | |\n| BrowserBuffer#readFloatBE | 146,678 ops/sec | ±0.95% | 68 | ✓ |\n| DataView#getFloat32 | 99,311 ops/sec | ±0.41% | 67 | |\n| | | | |\n| BrowserBuffer#readUInt32LE | 843,214 ops/sec | ±0.70% | 69 | ✓ |\n| DataView#getUint32 | 103,024 ops/sec | ±0.64% | 67 | |\n| | | | |\n| BrowserBuffer#slice | 1,013,941 ops/sec | ±0.75% | 67 | |\n| Uint8Array#subarray | 1,903,928 ops/sec | ±0.53% | 67 | ✓ |\n| | | | |\n| BrowserBuffer#writeFloatBE | 61,387 ops/sec | ±0.90% | 67 | |\n| DataView#setFloat32 | 141,249 ops/sec | ±0.40% | 66 | ✓ |\n\n\n### Firefox 33\n\n| Method | Operations | Accuracy | Sampled | Fastest |\n|:-------|:-----------|:---------|:--------|:-------:|\n| BrowserBuffer#bracket-notation | 20,800,421 ops/sec | ±1.84% | 60 | |\n| Uint8Array#bracket-notation | 20,826,235 ops/sec | ±2.02% | 61 | ✓ |\n| | | | |\n| BrowserBuffer#concat | 153,076 ops/sec | ±2.32% | 61 | |\n| Uint8Array#concat | 1,255,674 ops/sec | ±8.65% | 52 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16000) | 1,105,312 ops/sec | ±1.16% | 63 | |\n| Uint8Array#copy(16000) | 1,615,911 ops/sec | ±0.55% | 66 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16) | 16,357,599 ops/sec | ±0.73% | 68 | |\n| Uint8Array#copy(16) | 31,436,281 ops/sec | ±1.05% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#new(16000) | 52,995 ops/sec | ±6.01% | 35 | |\n| Uint8Array#new(16000) | 87,686 ops/sec | ±5.68% | 45 | ✓ |\n| | | | |\n| BrowserBuffer#new(16) | 252,031 ops/sec | ±1.61% | 66 | |\n| Uint8Array#new(16) | 8,477,026 ops/sec | ±0.49% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#readDoubleBE | 99,871 ops/sec | ±0.41% | 69 | |\n| DataView#getFloat64 | 285,663 ops/sec | ±0.70% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#readFloatBE | 115,540 ops/sec | ±0.42% | 69 | |\n| DataView#getFloat32 | 288,722 ops/sec | ±0.82% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#readUInt32LE | 633,926 ops/sec | ±1.08% | 67 | ✓ |\n| DataView#getUint32 | 294,808 ops/sec | ±0.79% | 64 | |\n| | | | |\n| BrowserBuffer#slice | 349,425 ops/sec | ±0.46% | 69 | |\n| Uint8Array#subarray | 5,965,819 ops/sec | ±0.60% | 65 | ✓ |\n| | | | |\n| BrowserBuffer#writeFloatBE | 59,980 ops/sec | ±0.41% | 67 | |\n| DataView#setFloat32 | 317,634 ops/sec | ±0.63% | 68 | ✓ |\n\n### Safari 8\n\n| Method | Operations | Accuracy | Sampled | Fastest |\n|:-------|:-----------|:---------|:--------|:-------:|\n| BrowserBuffer#bracket-notation | 10,279,729 ops/sec | ±2.25% | 56 | ✓ |\n| Uint8Array#bracket-notation | 10,030,767 ops/sec | ±2.23% | 59 | |\n| | | | |\n| BrowserBuffer#concat | 144,138 ops/sec | ±1.38% | 65 | |\n| Uint8Array#concat | 4,950,764 ops/sec | ±1.70% | 63 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16000) | 1,058,548 ops/sec | ±1.51% | 64 | |\n| Uint8Array#copy(16000) | 1,409,666 ops/sec | ±1.17% | 65 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16) | 6,282,529 ops/sec | ±1.88% | 58 | |\n| Uint8Array#copy(16) | 11,907,128 ops/sec | ±2.87% | 58 | ✓ |\n| | | | |\n| BrowserBuffer#new(16000) | 101,663 ops/sec | ±3.89% | 57 | |\n| Uint8Array#new(16000) | 22,050,818 ops/sec | ±6.51% | 46 | ✓ |\n| | | | |\n| BrowserBuffer#new(16) | 176,072 ops/sec | ±2.13% | 64 | |\n| Uint8Array#new(16) | 24,385,731 ops/sec | ±5.01% | 51 | ✓ |\n| | | | |\n| BrowserBuffer#readDoubleBE | 41,341 ops/sec | ±1.06% | 67 | |\n| DataView#getFloat64 | 322,280 ops/sec | ±0.84% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#readFloatBE | 46,141 ops/sec | ±1.06% | 65 | |\n| DataView#getFloat32 | 337,025 ops/sec | ±0.43% | 69 | ✓ |\n| | | | |\n| BrowserBuffer#readUInt32LE | 151,551 ops/sec | ±1.02% | 66 | |\n| DataView#getUint32 | 308,278 ops/sec | ±0.94% | 67 | ✓ |\n| | | | |\n| BrowserBuffer#slice | 197,365 ops/sec | ±0.95% | 66 | |\n| Uint8Array#subarray | 9,558,024 ops/sec | ±3.08% | 58 | ✓ |\n| | | | |\n| BrowserBuffer#writeFloatBE | 17,518 ops/sec | ±1.03% | 63 | |\n| DataView#setFloat32 | 319,751 ops/sec | ±0.48% | 68 | ✓ |\n\n\n### Node 0.11.14\n\n| Method | Operations | Accuracy | Sampled | Fastest |\n|:-------|:-----------|:---------|:--------|:-------:|\n| BrowserBuffer#bracket-notation | 10,489,828 ops/sec | ±3.25% | 90 | |\n| Uint8Array#bracket-notation | 10,534,884 ops/sec | ±0.81% | 92 | ✓ |\n| NodeBuffer#bracket-notation | 10,389,910 ops/sec | ±0.97% | 87 | |\n| | | | |\n| BrowserBuffer#concat | 487,830 ops/sec | ±2.58% | 88 | |\n| Uint8Array#concat | 1,814,327 ops/sec | ±1.28% | 88 | ✓ |\n| NodeBuffer#concat | 1,636,523 ops/sec | ±1.88% | 73 | |\n| | | | |\n| BrowserBuffer#copy(16000) | 1,073,665 ops/sec | ±0.77% | 90 | |\n| Uint8Array#copy(16000) | 1,348,517 ops/sec | ±0.84% | 89 | ✓ |\n| NodeBuffer#copy(16000) | 1,289,533 ops/sec | ±0.82% | 93 | |\n| | | | |\n| BrowserBuffer#copy(16) | 12,782,706 ops/sec | ±0.74% | 85 | |\n| Uint8Array#copy(16) | 14,180,427 ops/sec | ±0.93% | 92 | ✓ |\n| NodeBuffer#copy(16) | 11,083,134 ops/sec | ±1.06% | 89 | |\n| | | | |\n| BrowserBuffer#new(16000) | 141,678 ops/sec | ±3.30% | 67 | |\n| Uint8Array#new(16000) | 161,491 ops/sec | ±2.96% | 60 | |\n| NodeBuffer#new(16000) | 292,699 ops/sec | ±3.20% | 55 | ✓ |\n| | | | |\n| BrowserBuffer#new(16) | 1,655,466 ops/sec | ±2.41% | 82 | |\n| Uint8Array#new(16) | 14,399,926 ops/sec | ±0.91% | 94 | ✓ |\n| NodeBuffer#new(16) | 3,894,696 ops/sec | ±0.88% | 92 | |\n| | | | |\n| BrowserBuffer#readDoubleBE | 109,582 ops/sec | ±0.75% | 93 | ✓ |\n| DataView#getFloat64 | 91,235 ops/sec | ±0.81% | 90 | |\n| NodeBuffer#readDoubleBE | 88,593 ops/sec | ±0.96% | 81 | |\n| | | | |\n| BrowserBuffer#readFloatBE | 139,854 ops/sec | ±1.03% | 85 | ✓ |\n| DataView#getFloat32 | 98,744 ops/sec | ±0.80% | 89 | |\n| NodeBuffer#readFloatBE | 92,769 ops/sec | ±0.94% | 93 | |\n| | | | |\n| BrowserBuffer#readUInt32LE | 710,861 ops/sec | ±0.82% | 92 | |\n| DataView#getUint32 | 117,893 ops/sec | ±0.84% | 91 | |\n| NodeBuffer#readUInt32LE | 851,412 ops/sec | ±0.72% | 93 | ✓ |\n| | | | |\n| BrowserBuffer#slice | 1,673,877 ops/sec | ±0.73% | 94 | |\n| Uint8Array#subarray | 6,919,243 ops/sec | ±0.67% | 90 | ✓ |\n| NodeBuffer#slice | 4,617,604 ops/sec | ±0.79% | 93 | |\n| | | | |\n| BrowserBuffer#writeFloatBE | 66,011 ops/sec | ±0.75% | 93 | |\n| DataView#setFloat32 | 127,760 ops/sec | ±0.72% | 93 | ✓ |\n| NodeBuffer#writeFloatBE | 103,352 ops/sec | ±0.83% | 93 | |\n\n### iojs 1.8.1\n\n| Method | Operations | Accuracy | Sampled | Fastest |\n|:-------|:-----------|:---------|:--------|:-------:|\n| BrowserBuffer#bracket-notation | 10,990,488 ops/sec | ±1.11% | 91 | |\n| Uint8Array#bracket-notation | 11,268,757 ops/sec | ±0.65% | 97 | |\n| NodeBuffer#bracket-notation | 11,353,260 ops/sec | ±0.83% | 94 | ✓ |\n| | | | |\n| BrowserBuffer#concat | 378,954 ops/sec | ±0.74% | 94 | |\n| Uint8Array#concat | 1,358,288 ops/sec | ±0.97% | 87 | |\n| NodeBuffer#concat | 1,934,050 ops/sec | ±1.11% | 78 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16000) | 894,538 ops/sec | ±0.56% | 84 | |\n| Uint8Array#copy(16000) | 1,442,656 ops/sec | ±0.71% | 96 | |\n| NodeBuffer#copy(16000) | 1,457,898 ops/sec | ±0.53% | 92 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16) | 12,870,457 ops/sec | ±0.67% | 95 | |\n| Uint8Array#copy(16) | 16,643,989 ops/sec | ±0.61% | 93 | ✓ |\n| NodeBuffer#copy(16) | 14,885,848 ops/sec | ±0.74% | 94 | |\n| | | | |\n| BrowserBuffer#new(16000) | 109,264 ops/sec | ±4.21% | 63 | |\n| Uint8Array#new(16000) | 138,916 ops/sec | ±1.87% | 61 | |\n| NodeBuffer#new(16000) | 281,449 ops/sec | ±3.58% | 51 | ✓ |\n| | | | |\n| BrowserBuffer#new(16) | 1,362,935 ops/sec | ±0.56% | 99 | |\n| Uint8Array#new(16) | 6,193,090 ops/sec | ±0.64% | 95 | ✓ |\n| NodeBuffer#new(16) | 4,745,425 ops/sec | ±1.56% | 90 | |\n| | | | |\n| BrowserBuffer#readDoubleBE | 118,127 ops/sec | ±0.59% | 93 | ✓ |\n| DataView#getFloat64 | 107,332 ops/sec | ±0.65% | 91 | |\n| NodeBuffer#readDoubleBE | 116,274 ops/sec | ±0.94% | 95 | |\n| | | | |\n| BrowserBuffer#readFloatBE | 150,326 ops/sec | ±0.58% | 95 | ✓ |\n| DataView#getFloat32 | 110,541 ops/sec | ±0.57% | 98 | |\n| NodeBuffer#readFloatBE | 121,599 ops/sec | ±0.60% | 87 | |\n| | | | |\n| BrowserBuffer#readUInt32LE | 814,147 ops/sec | ±0.62% | 93 | |\n| DataView#getUint32 | 137,592 ops/sec | ±0.64% | 90 | |\n| NodeBuffer#readUInt32LE | 931,650 ops/sec | ±0.71% | 96 | ✓ |\n| | | | |\n| BrowserBuffer#slice | 878,590 ops/sec | ±0.68% | 93 | |\n| Uint8Array#subarray | 2,843,308 ops/sec | ±1.02% | 90 | |\n| NodeBuffer#slice | 4,998,316 ops/sec | ±0.68% | 90 | ✓ |\n| | | | |\n| BrowserBuffer#writeFloatBE | 65,927 ops/sec | ±0.74% | 93 | |\n| DataView#setFloat32 | 139,823 ops/sec | ±0.97% | 89 | ✓ |\n| NodeBuffer#writeFloatBE | 135,763 ops/sec | ±0.65% | 96 | |\n| | | | |\n\n## Testing the project\n\nFirst, install the project:\n\n npm install\n\nThen, to run tests in Node.js, run:\n\n npm run test-node\n\nTo test locally in a browser, you can run:\n\n npm run test-browser-es5-local # For ES5 browsers that don't support ES6\n npm run test-browser-es6-local # For ES6 compliant browsers\n\nThis will print out a URL that you can then open in a browser to run the tests, using [airtap](https://www.npmjs.com/package/airtap).\n\nTo run automated browser tests using Saucelabs, ensure that your `SAUCE_USERNAME` and `SAUCE_ACCESS_KEY` environment variables are set, then run:\n\n npm test\n\nThis is what's run in Travis, to check against various browsers. The list of browsers is kept in the `bin/airtap-es5.yml` and `bin/airtap-es6.yml` files.\n\n## JavaScript Standard Style\n\nThis module uses [JavaScript Standard Style](https://github.com/feross/standard).\n\n[![JavaScript Style Guide](https://cdn.rawgit.com/feross/standard/master/badge.svg)](https://github.com/feross/standard)\n\nTo test that the code conforms to the style, `npm install` and run:\n\n ./node_modules/.bin/standard\n\n## credit\n\nThis was originally forked from [buffer-browserify](https://github.com/toots/buffer-browserify).\n\n## Security Policies and Procedures\n\nThe `buffer` team and community take all security bugs in `buffer` seriously. Please see our [security policies and procedures](https://github.com/feross/security) document to learn how to report issues.\n\n## license\n\nMIT. Copyright (C) [Feross Aboukhadijeh](http://feross.org), and other contributors. Originally forked from an MIT-licensed module by Romain Beauxis.\n", + "readmeFilename": "README.md", + "optionalDependencies": {}, + "_dependencies": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer", + "error": "[Circular]", + "extraneous": false + }, + "ignore": { + "_args": [ + [ + "ignore@5.1.4", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ], + [ + "ignore@5.1.4", + "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ] + ], + "_from": "ignore@5.1.4", + "_id": "ignore@5.1.4", + "_integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==", + "_location": "/ignore", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "ignore@5.1.4", + "name": "ignore", + "escapedName": "ignore", + "rawSpec": "5.1.4", + "saveSpec": "[Circular]", + "fetchSpec": "5.1.4" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "_spec": "5.1.4", + "_where": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "author": { + "name": "kael" + }, + "bugs": { + "url": "https://github.com/kaelzhang/node-ignore/issues" + }, + "description": "Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.", + "devDependencies": { + "@babel/cli": "^7.5.5", + "@babel/core": "^7.5.5", + "@babel/preset-env": "^7.5.5", + "codecov": "^3.5.0", + "debug": "^4.1.1", + "eslint": "^6.1.0", + "eslint-config-ostai": "^3.0.0", + "eslint-plugin-import": "^2.18.2", + "mkdirp": "^0.5.1", + "pre-suf": "^1.1.1", + "rimraf": "^2.7.0", + "spawn-sync": "^2.0.0", + "tap": "^14.6.1", + "tmp": "0.1.0", + "typescript": "^3.5.3" + }, + "engines": { + "node": ">= 4" + }, + "files": [ + "legacy.js", + "index.js", + "index.d.ts", + "LICENSE-MIT" + ], + "homepage": "https://github.com/kaelzhang/node-ignore#readme", + "keywords": [ + "ignore", + ".gitignore", + "gitignore", + "npmignore", + "rules", + "manager", + "filter", + "regexp", + "regex", + "fnmatch", + "glob", + "asterisks", + "regular-expression" + ], + "license": "MIT", + "name": "ignore", + "repository": { + "type": "git", + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git" + }, + "scripts": { + "build": "babel -o legacy.js index.js", + "posttest": "tap --coverage-report=html && codecov", + "prepublishOnly": "npm run build", + "test": "npm run test:only", + "test:cases": "tap test/*.js --coverage", + "test:git": "tap test/git-check-ignore.js", + "test:ignore": "tap test/ignore.js", + "test:lint": "eslint .", + "test:only": "npm run test:lint && npm run test:tsc && npm run test:ts && npm run test:cases", + "test:others": "tap test/others.js", + "test:ts": "node ./test/ts/simple.js", + "test:tsc": "tsc ./test/ts/simple.ts --lib ES6", + "test:win32": "IGNORE_TEST_WIN32=1 npm run test" + }, + "version": "5.1.4", + "readme": "\n \n \n \n \n \n \n \n\n \n \n \n \n
LinuxOS XWindowsCoverageDownloads
\n \n \n \n \n \n \n \n \n \n \n \n
\n\n# ignore\n\n`ignore` is a manager, filter and parser which implemented in pure JavaScript according to the .gitignore [spec](http://git-scm.com/docs/gitignore).\n\n`ignore` is used by eslint, gitbook and [many others](https://www.npmjs.com/browse/depended/ignore).\n\nPay attention that [`minimatch`](https://www.npmjs.org/package/minimatch) does not work in the gitignore way. To filter filenames according to .gitignore file, I recommend this module.\n\n### Tested on\n\n`ignore` is fully tested, and has more than **five hundreds** of unit tests.\n\n- Linux + Node: `0.8` - `7.x`\n- Windows + Node: `0.10` - `7.x`, node < `0.10` is not tested due to the lack of support of appveyor.\n\nActually, `ignore` does not rely on any versions of node specially.\n\nSince `4.0.0`, ignore will no longer support `node < 6` by default, to use in node < 6, `require('ignore/legacy')`. For details, see [CHANGELOG](https://github.com/kaelzhang/node-ignore/blob/master/CHANGELOG.md).\n\n## Table Of Main Contents\n\n- [Usage](#usage)\n- [`Pathname` Conventions](#pathname-conventions)\n- See Also:\n - [`glob-gitignore`](https://www.npmjs.com/package/glob-gitignore) matches files using patterns and filters them according to gitignore rules.\n- [Upgrade Guide](#upgrade-guide)\n\n## Install\n\n```sh\nnpm i ignore\n```\n\n## Usage\n\n```js\nimport ignore from 'ignore'\nconst ig = ignore().add(['.abc/*', '!.abc/d/'])\n```\n\n### Filter the given paths\n\n```js\nconst paths = [\n '.abc/a.js', // filtered out\n '.abc/d/e.js' // included\n]\n\nig.filter(paths) // ['.abc/d/e.js']\nig.ignores('.abc/a.js') // true\n```\n\n### As the filter function\n\n```js\npaths.filter(ig.createFilter()); // ['.abc/d/e.js']\n```\n\n### Win32 paths will be handled\n\n```js\nig.filter(['.abc\\\\a.js', '.abc\\\\d\\\\e.js'])\n// if the code above runs on windows, the result will be\n// ['.abc\\\\d\\\\e.js']\n```\n\n## Why another ignore?\n\n- `ignore` is a standalone module, and is much simpler so that it could easy work with other programs, unlike [isaacs](https://npmjs.org/~isaacs)'s [fstream-ignore](https://npmjs.org/package/fstream-ignore) which must work with the modules of the fstream family.\n\n- `ignore` only contains utility methods to filter paths according to the specified ignore rules, so\n - `ignore` never try to find out ignore rules by traversing directories or fetching from git configurations.\n - `ignore` don't cares about sub-modules of git projects.\n\n- Exactly according to [gitignore man page](http://git-scm.com/docs/gitignore), fixes some known matching issues of fstream-ignore, such as:\n - '`/*.js`' should only match '`a.js`', but not '`abc/a.js`'.\n - '`**/foo`' should match '`foo`' anywhere.\n - Prevent re-including a file if a parent directory of that file is excluded.\n - Handle trailing whitespaces:\n - `'a '`(one space) should not match `'a '`(two spaces).\n - `'a \\ '` matches `'a '`\n - All test cases are verified with the result of `git check-ignore`.\n\n# Methods\n\n## .add(pattern: string | Ignore): this\n## .add(patterns: Array): this\n\n- **pattern** `String | Ignore` An ignore pattern string, or the `Ignore` instance\n- **patterns** `Array` Array of ignore patterns.\n\nAdds a rule or several rules to the current manager.\n\nReturns `this`\n\nNotice that a line starting with `'#'`(hash) is treated as a comment. Put a backslash (`'\\'`) in front of the first hash for patterns that begin with a hash, if you want to ignore a file with a hash at the beginning of the filename.\n\n```js\nignore().add('#abc').ignores('#abc') // false\nignore().add('\\#abc').ignores('#abc') // true\n```\n\n`pattern` could either be a line of ignore pattern or a string of multiple ignore patterns, which means we could just `ignore().add()` the content of a ignore file:\n\n```js\nignore()\n.add(fs.readFileSync(filenameOfGitignore).toString())\n.filter(filenames)\n```\n\n`pattern` could also be an `ignore` instance, so that we could easily inherit the rules of another `Ignore` instance.\n\n## .addIgnoreFile(path)\n\nREMOVED in `3.x` for now.\n\nTo upgrade `ignore@2.x` up to `3.x`, use\n\n```js\nimport fs from 'fs'\n\nif (fs.existsSync(filename)) {\n ignore().add(fs.readFileSync(filename).toString())\n}\n```\n\ninstead.\n\n## .filter(paths: Array<Pathname>): Array<Pathname>\n\n```ts\ntype Pathname = string\n```\n\nFilters the given array of pathnames, and returns the filtered array.\n\n- **paths** `Array.` The array of `pathname`s to be filtered.\n\n### `Pathname` Conventions:\n\n#### 1. `Pathname` should be a `path.relative()`d pathname\n\n`Pathname` should be a string that have been `path.join()`ed, or the return value of `path.relative()` to the current directory,\n\n```js\n// WRONG, an error will be thrown\nig.ignores('./abc')\n\n// WRONG, for it will never happen, and an error will be thrown\n// If the gitignore rule locates at the root directory,\n// `'/abc'` should be changed to `'abc'`.\n// ```\n// path.relative('/', '/abc') -> 'abc'\n// ```\nig.ignores('/abc')\n\n// WRONG, that it is an absolute path on Windows, an error will be thrown\nig.ignores('C:\\\\abc')\n\n// Right\nig.ignores('abc')\n\n// Right\nig.ignores(path.join('./abc')) // path.join('./abc') -> 'abc'\n```\n\nIn other words, each `Pathname` here should be a relative path to the directory of the gitignore rules.\n\nSuppose the dir structure is:\n\n```\n/path/to/your/repo\n |-- a\n | |-- a.js\n |\n |-- .b\n |\n |-- .c\n |-- .DS_store\n```\n\nThen the `paths` might be like this:\n\n```js\n[\n 'a/a.js'\n '.b',\n '.c/.DS_store'\n]\n```\n\n#### 2. filenames and dirnames\n\n`node-ignore` does NO `fs.stat` during path matching, so for the example below:\n\n```js\n// First, we add a ignore pattern to ignore a directory\nig.add('config/')\n\n// `ig` does NOT know if 'config', in the real world,\n// is a normal file, directory or something.\n\nig.ignores('config')\n// `ig` treats `config` as a file, so it returns `false`\n\nig.ignores('config/')\n// returns `true`\n```\n\nSpecially for people who develop some library based on `node-ignore`, it is important to understand that.\n\nUsually, you could use [`glob`](http://npmjs.org/package/glob) with `option.mark = true` to fetch the structure of the current directory:\n\n```js\nimport glob from 'glob'\n\nglob('**', {\n // Adds a / character to directory matches.\n mark: true\n}, (err, files) => {\n if (err) {\n return console.error(err)\n }\n\n let filtered = ignore().add(patterns).filter(files)\n console.log(filtered)\n})\n```\n\n## .ignores(pathname: Pathname): boolean\n\n> new in 3.2.0\n\nReturns `Boolean` whether `pathname` should be ignored.\n\n```js\nig.ignores('.abc/a.js') // true\n```\n\n## .createFilter()\n\nCreates a filter function which could filter an array of paths with `Array.prototype.filter`.\n\nReturns `function(path)` the filter function.\n\n## .test(pathname: Pathname) since 5.0.0\n\nReturns `TestResult`\n\n```ts\ninterface TestResult {\n ignored: boolean\n // true if the `pathname` is finally unignored by some negative pattern\n unignored: boolean\n}\n```\n\n- `{ignored: true, unignored: false}`: the `pathname` is ignored\n- `{ignored: false, unignored: true}`: the `pathname` is unignored\n- `{ignored: false, unignored: false}`: the `pathname` is never matched by any ignore rules.\n\n## `options.ignorecase` since 4.0.0\n\nSimilar as the `core.ignorecase` option of [git-config](https://git-scm.com/docs/git-config), `node-ignore` will be case insensitive if `options.ignorecase` is set to `true` (the default value), otherwise case sensitive.\n\n```js\nconst ig = ignore({\n ignorecase: false\n})\n\nig.add('*.png')\n\nig.ignores('*.PNG') // false\n```\n\n## static `ignore.isPathValid(pathname): boolean` since 5.0.0\n\nCheck whether the `pathname` is valid according to the [convention](#1-pathname-should-be-a-pathrelatived-pathname).\n\n```js\nignore.isPathValid('./foo') // false\n```\n\n****\n\n# Upgrade Guide\n\n## Upgrade 4.x -> 5.x\n\nSince `5.0.0`, if an invalid `Pathname` passed into `ig.ignores()`, an error will be thrown, while `ignore < 5.0.0` did not make sure what the return value was, as well as\n\n```ts\n.ignores(pathname: Pathname): boolean\n\n.filter(pathnames: Array): Array\n\n.createFilter(): (pathname: Pathname) => boolean\n\n.test(pathname: Pathname): {ignored: boolean, unignored: boolean}\n```\n\nSee the convention [here](#1-pathname-should-be-a-pathrelatived-pathname) for details.\n\nIf there are invalid pathnames, the conversion and filtration should be done by users.\n\n```js\nimport {isPathValid} from 'ignore' // introduced in 5.0.0\n\nconst paths = [\n // invalid\n //////////////////\n '',\n false,\n '../foo',\n '.',\n //////////////////\n\n // valid\n 'foo'\n]\n.filter(isValidPath)\n\nig.filter(paths)\n```\n\n## Upgrade 3.x -> 4.x\n\nSince `4.0.0`, `ignore` will no longer support node < 6, to use `ignore` in node < 6:\n\n```js\nvar ignore = require('ignore/legacy')\n```\n\n## Upgrade 2.x -> 3.x\n\n- All `options` of 2.x are unnecessary and removed, so just remove them.\n- `ignore()` instance is no longer an [`EventEmitter`](nodejs.org/api/events.html), and all events are unnecessary and removed.\n- `.addIgnoreFile()` is removed, see the [.addIgnoreFile](#addignorefilepath) section for details.\n\n****\n\n# Collaborators\n\n- [@whitecolor](https://github.com/whitecolor) *Alex*\n- [@SamyPesse](https://github.com/SamyPesse) *Samy Pessé*\n- [@azproduction](https://github.com/azproduction) *Mikhail Davydov*\n- [@TrySound](https://github.com/TrySound) *Bogdan Chadkin*\n- [@JanMattner](https://github.com/JanMattner) *Jan Mattner*\n- [@ntwb](https://github.com/ntwb) *Stephen Edgar*\n- [@kasperisager](https://github.com/kasperisager) *Kasper Isager*\n- [@sandersn](https://github.com/sandersn) *Nathan Shively-Sanders*\n", + "readmeFilename": "README.md", + "dependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ignore", + "error": "[Circular]", + "extraneous": false + } + }, + "version": "", + "readme": "ERROR: No README data found!", + "_id": "demo-package-integrity@", + "_shrinkwrap": { + "name": "demo-package-integrity", + "requires": true, + "lockfileVersion": 1, + "dependencies": { + "base64-js": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=" + }, + "buffer": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "requires": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "dependencies": { + "base64-js": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=" + } + } + }, + "ieee754": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=" + }, + "ignore": { + "version": "5.1.4", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==" + } + } + }, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": { + "buffer": "^5.4.3", + "ignore": "^5.1.4", + "base64-js": "1.0.1" + }, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "error": "[Circular]", + "extraneous": false +} diff --git a/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm6_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm6_node22_ubuntu-latest.json new file mode 100644 index 00000000..afa394d3 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm6_node22_ubuntu-latest.json @@ -0,0 +1,531 @@ +{ + "name": "demo-package-integrity", + "description": "demo: package-integrity -- packages with different integrity information.", + "private": true, + "dependencies": { + "base64-js": { + "_args": [ + [ + "base64-js@1.0.1", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ], + [ + "base64-js@1.0.1", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ] + ], + "_from": "base64-js@1.0.1", + "_id": "base64-js@1.0.1", + "_integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=", + "_location": "/base64-js", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "base64-js@1.0.1", + "name": "base64-js", + "escapedName": "base64-js", + "rawSpec": "1.0.1", + "saveSpec": null, + "fetchSpec": "1.0.1" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "_spec": "1.0.1", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "author": { + "name": "T. Jameson Little", + "email": "t.jameson.little@gmail.com" + }, + "bugs": { + "url": "https://github.com/beatgammit/base64-js/issues" + }, + "dependencies": {}, + "description": "Base64 encoding/decoding in pure JS", + "devDependencies": { + "standard": "^5.2.2", + "tape": "4.x" + }, + "engines": { + "node": ">= 0.4" + }, + "homepage": "https://github.com/beatgammit/base64-js#readme", + "license": "MIT", + "main": "lib/b64.js", + "name": "base64-js", + "repository": { + "type": "git", + "url": "git://github.com/beatgammit/base64-js.git" + }, + "scripts": { + "test": "standard && tape test/*.js" + }, + "testling": { + "files": "test/*.js", + "browsers": [ + "ie/6..latest", + "chrome/4..latest", + "firefox/3..latest", + "safari/5.1..latest", + "opera/11.0..latest", + "iphone/6", + "ipad/6" + ] + }, + "version": "1.0.1", + "readme": "base64-js\n=========\n\n`base64-js` does basic base64 encoding/decoding in pure JS.\n\n[![build status](https://secure.travis-ci.org/beatgammit/base64-js.png)](http://travis-ci.org/beatgammit/base64-js)\n\n[![testling badge](https://ci.testling.com/beatgammit/base64-js.png)](https://ci.testling.com/beatgammit/base64-js)\n\nMany browsers already have base64 encoding/decoding functionality, but it is for text data, not all-purpose binary data.\n\nSometimes encoding/decoding binary data in the browser is useful, and that is what this module does.\n\n## install\n\nWith [npm](https://npmjs.org) do:\n\n`npm install base64-js`\n\n## methods\n\n`var base64 = require('base64-js')`\n\n`base64` has two exposed functions, `toByteArray` and `fromByteArray`, which both take a single argument.\n\n* `toByteArray` - Takes a base64 string and returns a byte array\n* `fromByteArray` - Takes a byte array and returns a base64 string\n\n## license\n\nMIT", + "readmeFilename": "README.md", + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/base64-js", + "error": "[Circular]", + "extraneous": false + }, + "buffer": { + "_args": [ + [ + "buffer@5.4.3", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ], + [ + "buffer@5.4.3", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ] + ], + "_from": "buffer@5.4.3", + "_id": "buffer@5.4.3", + "_integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "_location": "/buffer", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "buffer@5.4.3", + "name": "buffer", + "escapedName": "buffer", + "rawSpec": "5.4.3", + "saveSpec": "[Circular]", + "fetchSpec": "5.4.3" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "_spec": "5.4.3", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "author": { + "name": "Feross Aboukhadijeh", + "email": "feross@feross.org", + "url": "http://feross.org" + }, + "bugs": { + "url": "https://github.com/feross/buffer/issues" + }, + "contributors": [ + { + "name": "Romain Beauxis", + "email": "toots@rastageeks.org" + }, + { + "name": "James Halliday", + "email": "mail@substack.net" + } + ], + "dependencies": { + "base64-js": { + "_args": [ + [ + "base64-js@1.3.1", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ], + [ + "base64-js@1.3.1", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ] + ], + "_from": "base64-js@1.3.1", + "_id": "base64-js@1.3.1", + "_integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=", + "_location": "/buffer/base64-js", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "base64-js@1.3.1", + "name": "base64-js", + "escapedName": "base64-js", + "rawSpec": "1.3.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.3.1" + }, + "_requiredBy": [ + "/buffer" + ], + "_resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "_spec": "1.3.1", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "author": { + "name": "T. Jameson Little", + "email": "t.jameson.little@gmail.com" + }, + "bugs": { + "url": "https://github.com/beatgammit/base64-js/issues" + }, + "description": "Base64 encoding/decoding in pure JS", + "devDependencies": { + "benchmark": "^2.1.4", + "browserify": "^16.3.0", + "standard": "*", + "tape": "4.x", + "uglify-js": "^3.6.0" + }, + "homepage": "https://github.com/beatgammit/base64-js", + "keywords": [ + "base64" + ], + "license": "MIT", + "main": "index.js", + "name": "base64-js", + "repository": { + "type": "git", + "url": "git://github.com/beatgammit/base64-js.git" + }, + "scripts": { + "build": "browserify -s base64js -r ./ | uglifyjs -m > base64js.min.js", + "lint": "standard", + "test": "npm run lint && npm run unit", + "unit": "tape test/*.js" + }, + "version": "1.3.1", + "readme": "base64-js\n=========\n\n`base64-js` does basic base64 encoding/decoding in pure JS.\n\n[![build status](https://secure.travis-ci.org/beatgammit/base64-js.png)](http://travis-ci.org/beatgammit/base64-js)\n\nMany browsers already have base64 encoding/decoding functionality, but it is for text data, not all-purpose binary data.\n\nSometimes encoding/decoding binary data in the browser is useful, and that is what this module does.\n\n## install\n\nWith [npm](https://npmjs.org) do:\n\n`npm install base64-js` and `var base64js = require('base64-js')`\n\nFor use in web browsers do:\n\n``\n\n## methods\n\n`base64js` has three exposed functions, `byteLength`, `toByteArray` and `fromByteArray`, which both take a single argument.\n\n* `byteLength` - Takes a base64 string and returns length of byte array\n* `toByteArray` - Takes a base64 string and returns a byte array\n* `fromByteArray` - Takes a byte array and returns a base64 string\n\n## license\n\nMIT\n", + "readmeFilename": "README.md", + "dependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer/node_modules/base64-js", + "error": "[Circular]", + "extraneous": false + }, + "ieee754": { + "_args": [ + [ + "ieee754@1.1.13", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ], + [ + "ieee754@1.1.13", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ] + ], + "_from": "ieee754@1.1.13", + "_id": "ieee754@1.1.13", + "_integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=", + "_location": "/ieee754", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "ieee754@1.1.13", + "name": "ieee754", + "escapedName": "ieee754", + "rawSpec": "1.1.13", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.13" + }, + "_requiredBy": [ + "/buffer" + ], + "_resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "_spec": "1.1.13", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "author": { + "name": "Feross Aboukhadijeh", + "email": "feross@feross.org", + "url": "http://feross.org" + }, + "bugs": { + "url": "https://github.com/feross/ieee754/issues" + }, + "contributors": [ + { + "name": "Romain Beauxis", + "email": "toots@rastageeks.org" + } + ], + "description": "Read/write IEEE754 floating point numbers from/to a Buffer or array-like object", + "devDependencies": { + "airtap": "0.1.0", + "standard": "*", + "tape": "^4.0.0" + }, + "homepage": "https://github.com/feross/ieee754#readme", + "keywords": [ + "IEEE 754", + "buffer", + "convert", + "floating point", + "ieee754" + ], + "license": "BSD-3-Clause", + "main": "index.js", + "name": "ieee754", + "repository": { + "type": "git", + "url": "git://github.com/feross/ieee754.git" + }, + "scripts": { + "test": "standard && npm run test-node && npm run test-browser", + "test-browser": "airtap -- test/*.js", + "test-browser-local": "airtap --local -- test/*.js", + "test-node": "tape test/*.js" + }, + "version": "1.1.13", + "readme": "# ieee754 [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url]\n\n[travis-image]: https://img.shields.io/travis/feross/ieee754/master.svg\n[travis-url]: https://travis-ci.org/feross/ieee754\n[npm-image]: https://img.shields.io/npm/v/ieee754.svg\n[npm-url]: https://npmjs.org/package/ieee754\n[downloads-image]: https://img.shields.io/npm/dm/ieee754.svg\n[downloads-url]: https://npmjs.org/package/ieee754\n[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg\n[standard-url]: https://standardjs.com\n\n[![saucelabs][saucelabs-image]][saucelabs-url]\n\n[saucelabs-image]: https://saucelabs.com/browser-matrix/ieee754.svg\n[saucelabs-url]: https://saucelabs.com/u/ieee754\n\n### Read/write IEEE754 floating point numbers from/to a Buffer or array-like object.\n\n## install\n\n```\nnpm install ieee754\n```\n\n[Get supported ieee754 with the Tidelift Subscription](https://tidelift.com/subscription/pkg/npm-ieee754?utm_source=npm-ieee754&utm_medium=referral&utm_campaign=readme)\n\n## methods\n\n`var ieee754 = require('ieee754')`\n\nThe `ieee754` object has the following functions:\n\n```\nieee754.read = function (buffer, offset, isLE, mLen, nBytes)\nieee754.write = function (buffer, value, offset, isLE, mLen, nBytes)\n```\n\nThe arguments mean the following:\n\n- buffer = the buffer\n- offset = offset into the buffer\n- value = value to set (only for `write`)\n- isLe = is little endian?\n- mLen = mantissa length\n- nBytes = number of bytes\n\n## what is ieee754?\n\nThe IEEE Standard for Floating-Point Arithmetic (IEEE 754) is a technical standard for floating-point computation. [Read more](http://en.wikipedia.org/wiki/IEEE_floating_point).\n\n## license\n\nBSD 3 Clause. Copyright (c) 2008, Fair Oaks Labs, Inc.\n", + "readmeFilename": "README.md", + "dependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ieee754", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Node.js Buffer API, for the browser", + "devDependencies": { + "airtap": "^2.0.3", + "benchmark": "^2.0.0", + "browserify": "^16.1.0", + "concat-stream": "^2.0.0", + "hyperquest": "^2.0.0", + "is-buffer": "^2.0.0", + "is-nan": "^1.0.1", + "split": "^1.0.0", + "standard": "*", + "tape": "^4.0.0", + "through2": "^3.0.1", + "uglify-js": "^3.4.5" + }, + "homepage": "https://github.com/feross/buffer", + "jspm": { + "map": { + "./index.js": { + "node": "@node/buffer" + } + } + }, + "keywords": [ + "arraybuffer", + "browser", + "browserify", + "buffer", + "compatible", + "dataview", + "uint8array" + ], + "license": "MIT", + "main": "index.js", + "name": "buffer", + "repository": { + "type": "git", + "url": "git://github.com/feross/buffer.git" + }, + "scripts": { + "perf": "browserify --debug perf/bracket-notation.js > perf/bundle.js && open perf/index.html", + "perf-node": "node perf/bracket-notation.js && node perf/concat.js && node perf/copy-big.js && node perf/copy.js && node perf/new-big.js && node perf/new.js && node perf/readDoubleBE.js && node perf/readFloatBE.js && node perf/readUInt32LE.js && node perf/slice.js && node perf/writeFloatBE.js", + "size": "browserify -r ./ | uglifyjs -c -m | gzip | wc -c", + "test": "standard && node ./bin/test.js", + "test-browser-es5": "airtap -- test/*.js", + "test-browser-es5-local": "airtap --local -- test/*.js", + "test-browser-es6": "airtap -- test/*.js test/node/*.js", + "test-browser-es6-local": "airtap --local -- test/*.js test/node/*.js", + "test-node": "tape test/*.js test/node/*.js", + "update-authors": "./bin/update-authors.sh" + }, + "standard": { + "ignore": [ + "test/node/**/*.js", + "test/common.js", + "test/_polyfill.js", + "perf/**/*.js" + ] + }, + "types": "index.d.ts", + "version": "5.4.3", + "readme": "# buffer [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url]\n\n[travis-image]: https://img.shields.io/travis/feross/buffer/master.svg\n[travis-url]: https://travis-ci.org/feross/buffer\n[npm-image]: https://img.shields.io/npm/v/buffer.svg\n[npm-url]: https://npmjs.org/package/buffer\n[downloads-image]: https://img.shields.io/npm/dm/buffer.svg\n[downloads-url]: https://npmjs.org/package/buffer\n[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg\n[standard-url]: https://standardjs.com\n\n#### The buffer module from [node.js](https://nodejs.org/), for the browser.\n\n[![saucelabs][saucelabs-image]][saucelabs-url]\n\n[saucelabs-image]: https://saucelabs.com/browser-matrix/buffer.svg\n[saucelabs-url]: https://saucelabs.com/u/buffer\n\nWith [browserify](http://browserify.org), simply `require('buffer')` or use the `Buffer` global and you will get this module.\n\nThe goal is to provide an API that is 100% identical to\n[node's Buffer API](https://nodejs.org/api/buffer.html). Read the\n[official docs](https://nodejs.org/api/buffer.html) for the full list of properties,\ninstance methods, and class methods that are supported.\n\n## features\n\n- Manipulate binary data like a boss, in all browsers!\n- Super fast. Backed by Typed Arrays (`Uint8Array`/`ArrayBuffer`, not `Object`)\n- Extremely small bundle size (**6.75KB minified + gzipped**, 51.9KB with comments)\n- Excellent browser support (Chrome, Firefox, Edge, Safari 9+, IE 11, iOS 9+, Android, etc.)\n- Preserves Node API exactly, with one minor difference (see below)\n- Square-bracket `buf[4]` notation works!\n- Does not modify any browser prototypes or put anything on `window`\n- Comprehensive test suite (including all buffer tests from node.js core)\n\n\n## install\n\nTo use this module directly (without browserify), install it:\n\n```bash\nnpm install buffer\n```\n\n[Get supported buffer with the Tidelift Subscription](https://tidelift.com/subscription/pkg/npm-buffer?utm_source=npm-buffer&utm_medium=referral&utm_campaign=readme)\n\nThis module was previously called **native-buffer-browserify**, but please use **buffer**\nfrom now on.\n\nIf you do not use a bundler, you can use the [standalone script](https://bundle.run/buffer).\n\n## usage\n\nThe module's API is identical to node's `Buffer` API. Read the\n[official docs](https://nodejs.org/api/buffer.html) for the full list of properties,\ninstance methods, and class methods that are supported.\n\nAs mentioned above, `require('buffer')` or use the `Buffer` global with\n[browserify](http://browserify.org) and this module will automatically be included\nin your bundle. Almost any npm module will work in the browser, even if it assumes that\nthe node `Buffer` API will be available.\n\nTo depend on this module explicitly (without browserify), require it like this:\n\n```js\nvar Buffer = require('buffer/').Buffer // note: the trailing slash is important!\n```\n\nTo require this module explicitly, use `require('buffer/')` which tells the node.js module\nlookup algorithm (also used by browserify) to use the **npm module** named `buffer`\ninstead of the **node.js core** module named `buffer`!\n\n\n## how does it work?\n\nThe Buffer constructor returns instances of `Uint8Array` that have their prototype\nchanged to `Buffer.prototype`. Furthermore, `Buffer` is a subclass of `Uint8Array`,\nso the returned instances will have all the node `Buffer` methods and the\n`Uint8Array` methods. Square bracket notation works as expected -- it returns a\nsingle octet.\n\nThe `Uint8Array` prototype remains unmodified.\n\n\n## tracking the latest node api\n\nThis module tracks the Buffer API in the latest (unstable) version of node.js. The Buffer\nAPI is considered **stable** in the\n[node stability index](https://nodejs.org/docs/latest/api/documentation.html#documentation_stability_index),\nso it is unlikely that there will ever be breaking changes.\nNonetheless, when/if the Buffer API changes in node, this module's API will change\naccordingly.\n\n## related packages\n\n- [`buffer-reverse`](https://www.npmjs.com/package/buffer-reverse) - Reverse a buffer\n- [`buffer-xor`](https://www.npmjs.com/package/buffer-xor) - Bitwise xor a buffer\n- [`is-buffer`](https://www.npmjs.com/package/is-buffer) - Determine if an object is a Buffer without including the whole `Buffer` package\n\n## conversion packages\n\n### convert typed array to buffer\n\nUse [`typedarray-to-buffer`](https://www.npmjs.com/package/typedarray-to-buffer) to convert any kind of typed array to a `Buffer`. Does not perform a copy, so it's super fast.\n\n### convert buffer to typed array\n\n`Buffer` is a subclass of `Uint8Array` (which is a typed array). So there is no need to explicitly convert to typed array. Just use the buffer as a `Uint8Array`.\n\n### convert blob to buffer\n\nUse [`blob-to-buffer`](https://www.npmjs.com/package/blob-to-buffer) to convert a `Blob` to a `Buffer`.\n\n### convert buffer to blob\n\nTo convert a `Buffer` to a `Blob`, use the `Blob` constructor:\n\n```js\nvar blob = new Blob([ buffer ])\n```\n\nOptionally, specify a mimetype:\n\n```js\nvar blob = new Blob([ buffer ], { type: 'text/html' })\n```\n\n### convert arraybuffer to buffer\n\nTo convert an `ArrayBuffer` to a `Buffer`, use the `Buffer.from` function. Does not perform a copy, so it's super fast.\n\n```js\nvar buffer = Buffer.from(arrayBuffer)\n```\n\n### convert buffer to arraybuffer\n\nTo convert a `Buffer` to an `ArrayBuffer`, use the `.buffer` property (which is present on all `Uint8Array` objects):\n\n```js\nvar arrayBuffer = buffer.buffer.slice(\n buffer.byteOffset, buffer.byteOffset + buffer.byteLength\n)\n```\n\nAlternatively, use the [`to-arraybuffer`](https://www.npmjs.com/package/to-arraybuffer) module.\n\n## performance\n\nSee perf tests in `/perf`.\n\n`BrowserBuffer` is the browser `buffer` module (this repo). `Uint8Array` is included as a\nsanity check (since `BrowserBuffer` uses `Uint8Array` under the hood, `Uint8Array` will\nalways be at least a bit faster). Finally, `NodeBuffer` is the node.js buffer module,\nwhich is included to compare against.\n\nNOTE: Performance has improved since these benchmarks were taken. PR welcome to update the README.\n\n### Chrome 38\n\n| Method | Operations | Accuracy | Sampled | Fastest |\n|:-------|:-----------|:---------|:--------|:-------:|\n| BrowserBuffer#bracket-notation | 11,457,464 ops/sec | ±0.86% | 66 | ✓ |\n| Uint8Array#bracket-notation | 10,824,332 ops/sec | ±0.74% | 65 | |\n| | | | |\n| BrowserBuffer#concat | 450,532 ops/sec | ±0.76% | 68 | |\n| Uint8Array#concat | 1,368,911 ops/sec | ±1.50% | 62 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16000) | 903,001 ops/sec | ±0.96% | 67 | |\n| Uint8Array#copy(16000) | 1,422,441 ops/sec | ±1.04% | 66 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16) | 11,431,358 ops/sec | ±0.46% | 69 | |\n| Uint8Array#copy(16) | 13,944,163 ops/sec | ±1.12% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#new(16000) | 106,329 ops/sec | ±6.70% | 44 | |\n| Uint8Array#new(16000) | 131,001 ops/sec | ±2.85% | 31 | ✓ |\n| | | | |\n| BrowserBuffer#new(16) | 1,554,491 ops/sec | ±1.60% | 65 | |\n| Uint8Array#new(16) | 6,623,930 ops/sec | ±1.66% | 65 | ✓ |\n| | | | |\n| BrowserBuffer#readDoubleBE | 112,830 ops/sec | ±0.51% | 69 | ✓ |\n| DataView#getFloat64 | 93,500 ops/sec | ±0.57% | 68 | |\n| | | | |\n| BrowserBuffer#readFloatBE | 146,678 ops/sec | ±0.95% | 68 | ✓ |\n| DataView#getFloat32 | 99,311 ops/sec | ±0.41% | 67 | |\n| | | | |\n| BrowserBuffer#readUInt32LE | 843,214 ops/sec | ±0.70% | 69 | ✓ |\n| DataView#getUint32 | 103,024 ops/sec | ±0.64% | 67 | |\n| | | | |\n| BrowserBuffer#slice | 1,013,941 ops/sec | ±0.75% | 67 | |\n| Uint8Array#subarray | 1,903,928 ops/sec | ±0.53% | 67 | ✓ |\n| | | | |\n| BrowserBuffer#writeFloatBE | 61,387 ops/sec | ±0.90% | 67 | |\n| DataView#setFloat32 | 141,249 ops/sec | ±0.40% | 66 | ✓ |\n\n\n### Firefox 33\n\n| Method | Operations | Accuracy | Sampled | Fastest |\n|:-------|:-----------|:---------|:--------|:-------:|\n| BrowserBuffer#bracket-notation | 20,800,421 ops/sec | ±1.84% | 60 | |\n| Uint8Array#bracket-notation | 20,826,235 ops/sec | ±2.02% | 61 | ✓ |\n| | | | |\n| BrowserBuffer#concat | 153,076 ops/sec | ±2.32% | 61 | |\n| Uint8Array#concat | 1,255,674 ops/sec | ±8.65% | 52 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16000) | 1,105,312 ops/sec | ±1.16% | 63 | |\n| Uint8Array#copy(16000) | 1,615,911 ops/sec | ±0.55% | 66 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16) | 16,357,599 ops/sec | ±0.73% | 68 | |\n| Uint8Array#copy(16) | 31,436,281 ops/sec | ±1.05% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#new(16000) | 52,995 ops/sec | ±6.01% | 35 | |\n| Uint8Array#new(16000) | 87,686 ops/sec | ±5.68% | 45 | ✓ |\n| | | | |\n| BrowserBuffer#new(16) | 252,031 ops/sec | ±1.61% | 66 | |\n| Uint8Array#new(16) | 8,477,026 ops/sec | ±0.49% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#readDoubleBE | 99,871 ops/sec | ±0.41% | 69 | |\n| DataView#getFloat64 | 285,663 ops/sec | ±0.70% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#readFloatBE | 115,540 ops/sec | ±0.42% | 69 | |\n| DataView#getFloat32 | 288,722 ops/sec | ±0.82% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#readUInt32LE | 633,926 ops/sec | ±1.08% | 67 | ✓ |\n| DataView#getUint32 | 294,808 ops/sec | ±0.79% | 64 | |\n| | | | |\n| BrowserBuffer#slice | 349,425 ops/sec | ±0.46% | 69 | |\n| Uint8Array#subarray | 5,965,819 ops/sec | ±0.60% | 65 | ✓ |\n| | | | |\n| BrowserBuffer#writeFloatBE | 59,980 ops/sec | ±0.41% | 67 | |\n| DataView#setFloat32 | 317,634 ops/sec | ±0.63% | 68 | ✓ |\n\n### Safari 8\n\n| Method | Operations | Accuracy | Sampled | Fastest |\n|:-------|:-----------|:---------|:--------|:-------:|\n| BrowserBuffer#bracket-notation | 10,279,729 ops/sec | ±2.25% | 56 | ✓ |\n| Uint8Array#bracket-notation | 10,030,767 ops/sec | ±2.23% | 59 | |\n| | | | |\n| BrowserBuffer#concat | 144,138 ops/sec | ±1.38% | 65 | |\n| Uint8Array#concat | 4,950,764 ops/sec | ±1.70% | 63 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16000) | 1,058,548 ops/sec | ±1.51% | 64 | |\n| Uint8Array#copy(16000) | 1,409,666 ops/sec | ±1.17% | 65 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16) | 6,282,529 ops/sec | ±1.88% | 58 | |\n| Uint8Array#copy(16) | 11,907,128 ops/sec | ±2.87% | 58 | ✓ |\n| | | | |\n| BrowserBuffer#new(16000) | 101,663 ops/sec | ±3.89% | 57 | |\n| Uint8Array#new(16000) | 22,050,818 ops/sec | ±6.51% | 46 | ✓ |\n| | | | |\n| BrowserBuffer#new(16) | 176,072 ops/sec | ±2.13% | 64 | |\n| Uint8Array#new(16) | 24,385,731 ops/sec | ±5.01% | 51 | ✓ |\n| | | | |\n| BrowserBuffer#readDoubleBE | 41,341 ops/sec | ±1.06% | 67 | |\n| DataView#getFloat64 | 322,280 ops/sec | ±0.84% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#readFloatBE | 46,141 ops/sec | ±1.06% | 65 | |\n| DataView#getFloat32 | 337,025 ops/sec | ±0.43% | 69 | ✓ |\n| | | | |\n| BrowserBuffer#readUInt32LE | 151,551 ops/sec | ±1.02% | 66 | |\n| DataView#getUint32 | 308,278 ops/sec | ±0.94% | 67 | ✓ |\n| | | | |\n| BrowserBuffer#slice | 197,365 ops/sec | ±0.95% | 66 | |\n| Uint8Array#subarray | 9,558,024 ops/sec | ±3.08% | 58 | ✓ |\n| | | | |\n| BrowserBuffer#writeFloatBE | 17,518 ops/sec | ±1.03% | 63 | |\n| DataView#setFloat32 | 319,751 ops/sec | ±0.48% | 68 | ✓ |\n\n\n### Node 0.11.14\n\n| Method | Operations | Accuracy | Sampled | Fastest |\n|:-------|:-----------|:---------|:--------|:-------:|\n| BrowserBuffer#bracket-notation | 10,489,828 ops/sec | ±3.25% | 90 | |\n| Uint8Array#bracket-notation | 10,534,884 ops/sec | ±0.81% | 92 | ✓ |\n| NodeBuffer#bracket-notation | 10,389,910 ops/sec | ±0.97% | 87 | |\n| | | | |\n| BrowserBuffer#concat | 487,830 ops/sec | ±2.58% | 88 | |\n| Uint8Array#concat | 1,814,327 ops/sec | ±1.28% | 88 | ✓ |\n| NodeBuffer#concat | 1,636,523 ops/sec | ±1.88% | 73 | |\n| | | | |\n| BrowserBuffer#copy(16000) | 1,073,665 ops/sec | ±0.77% | 90 | |\n| Uint8Array#copy(16000) | 1,348,517 ops/sec | ±0.84% | 89 | ✓ |\n| NodeBuffer#copy(16000) | 1,289,533 ops/sec | ±0.82% | 93 | |\n| | | | |\n| BrowserBuffer#copy(16) | 12,782,706 ops/sec | ±0.74% | 85 | |\n| Uint8Array#copy(16) | 14,180,427 ops/sec | ±0.93% | 92 | ✓ |\n| NodeBuffer#copy(16) | 11,083,134 ops/sec | ±1.06% | 89 | |\n| | | | |\n| BrowserBuffer#new(16000) | 141,678 ops/sec | ±3.30% | 67 | |\n| Uint8Array#new(16000) | 161,491 ops/sec | ±2.96% | 60 | |\n| NodeBuffer#new(16000) | 292,699 ops/sec | ±3.20% | 55 | ✓ |\n| | | | |\n| BrowserBuffer#new(16) | 1,655,466 ops/sec | ±2.41% | 82 | |\n| Uint8Array#new(16) | 14,399,926 ops/sec | ±0.91% | 94 | ✓ |\n| NodeBuffer#new(16) | 3,894,696 ops/sec | ±0.88% | 92 | |\n| | | | |\n| BrowserBuffer#readDoubleBE | 109,582 ops/sec | ±0.75% | 93 | ✓ |\n| DataView#getFloat64 | 91,235 ops/sec | ±0.81% | 90 | |\n| NodeBuffer#readDoubleBE | 88,593 ops/sec | ±0.96% | 81 | |\n| | | | |\n| BrowserBuffer#readFloatBE | 139,854 ops/sec | ±1.03% | 85 | ✓ |\n| DataView#getFloat32 | 98,744 ops/sec | ±0.80% | 89 | |\n| NodeBuffer#readFloatBE | 92,769 ops/sec | ±0.94% | 93 | |\n| | | | |\n| BrowserBuffer#readUInt32LE | 710,861 ops/sec | ±0.82% | 92 | |\n| DataView#getUint32 | 117,893 ops/sec | ±0.84% | 91 | |\n| NodeBuffer#readUInt32LE | 851,412 ops/sec | ±0.72% | 93 | ✓ |\n| | | | |\n| BrowserBuffer#slice | 1,673,877 ops/sec | ±0.73% | 94 | |\n| Uint8Array#subarray | 6,919,243 ops/sec | ±0.67% | 90 | ✓ |\n| NodeBuffer#slice | 4,617,604 ops/sec | ±0.79% | 93 | |\n| | | | |\n| BrowserBuffer#writeFloatBE | 66,011 ops/sec | ±0.75% | 93 | |\n| DataView#setFloat32 | 127,760 ops/sec | ±0.72% | 93 | ✓ |\n| NodeBuffer#writeFloatBE | 103,352 ops/sec | ±0.83% | 93 | |\n\n### iojs 1.8.1\n\n| Method | Operations | Accuracy | Sampled | Fastest |\n|:-------|:-----------|:---------|:--------|:-------:|\n| BrowserBuffer#bracket-notation | 10,990,488 ops/sec | ±1.11% | 91 | |\n| Uint8Array#bracket-notation | 11,268,757 ops/sec | ±0.65% | 97 | |\n| NodeBuffer#bracket-notation | 11,353,260 ops/sec | ±0.83% | 94 | ✓ |\n| | | | |\n| BrowserBuffer#concat | 378,954 ops/sec | ±0.74% | 94 | |\n| Uint8Array#concat | 1,358,288 ops/sec | ±0.97% | 87 | |\n| NodeBuffer#concat | 1,934,050 ops/sec | ±1.11% | 78 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16000) | 894,538 ops/sec | ±0.56% | 84 | |\n| Uint8Array#copy(16000) | 1,442,656 ops/sec | ±0.71% | 96 | |\n| NodeBuffer#copy(16000) | 1,457,898 ops/sec | ±0.53% | 92 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16) | 12,870,457 ops/sec | ±0.67% | 95 | |\n| Uint8Array#copy(16) | 16,643,989 ops/sec | ±0.61% | 93 | ✓ |\n| NodeBuffer#copy(16) | 14,885,848 ops/sec | ±0.74% | 94 | |\n| | | | |\n| BrowserBuffer#new(16000) | 109,264 ops/sec | ±4.21% | 63 | |\n| Uint8Array#new(16000) | 138,916 ops/sec | ±1.87% | 61 | |\n| NodeBuffer#new(16000) | 281,449 ops/sec | ±3.58% | 51 | ✓ |\n| | | | |\n| BrowserBuffer#new(16) | 1,362,935 ops/sec | ±0.56% | 99 | |\n| Uint8Array#new(16) | 6,193,090 ops/sec | ±0.64% | 95 | ✓ |\n| NodeBuffer#new(16) | 4,745,425 ops/sec | ±1.56% | 90 | |\n| | | | |\n| BrowserBuffer#readDoubleBE | 118,127 ops/sec | ±0.59% | 93 | ✓ |\n| DataView#getFloat64 | 107,332 ops/sec | ±0.65% | 91 | |\n| NodeBuffer#readDoubleBE | 116,274 ops/sec | ±0.94% | 95 | |\n| | | | |\n| BrowserBuffer#readFloatBE | 150,326 ops/sec | ±0.58% | 95 | ✓ |\n| DataView#getFloat32 | 110,541 ops/sec | ±0.57% | 98 | |\n| NodeBuffer#readFloatBE | 121,599 ops/sec | ±0.60% | 87 | |\n| | | | |\n| BrowserBuffer#readUInt32LE | 814,147 ops/sec | ±0.62% | 93 | |\n| DataView#getUint32 | 137,592 ops/sec | ±0.64% | 90 | |\n| NodeBuffer#readUInt32LE | 931,650 ops/sec | ±0.71% | 96 | ✓ |\n| | | | |\n| BrowserBuffer#slice | 878,590 ops/sec | ±0.68% | 93 | |\n| Uint8Array#subarray | 2,843,308 ops/sec | ±1.02% | 90 | |\n| NodeBuffer#slice | 4,998,316 ops/sec | ±0.68% | 90 | ✓ |\n| | | | |\n| BrowserBuffer#writeFloatBE | 65,927 ops/sec | ±0.74% | 93 | |\n| DataView#setFloat32 | 139,823 ops/sec | ±0.97% | 89 | ✓ |\n| NodeBuffer#writeFloatBE | 135,763 ops/sec | ±0.65% | 96 | |\n| | | | |\n\n## Testing the project\n\nFirst, install the project:\n\n npm install\n\nThen, to run tests in Node.js, run:\n\n npm run test-node\n\nTo test locally in a browser, you can run:\n\n npm run test-browser-es5-local # For ES5 browsers that don't support ES6\n npm run test-browser-es6-local # For ES6 compliant browsers\n\nThis will print out a URL that you can then open in a browser to run the tests, using [airtap](https://www.npmjs.com/package/airtap).\n\nTo run automated browser tests using Saucelabs, ensure that your `SAUCE_USERNAME` and `SAUCE_ACCESS_KEY` environment variables are set, then run:\n\n npm test\n\nThis is what's run in Travis, to check against various browsers. The list of browsers is kept in the `bin/airtap-es5.yml` and `bin/airtap-es6.yml` files.\n\n## JavaScript Standard Style\n\nThis module uses [JavaScript Standard Style](https://github.com/feross/standard).\n\n[![JavaScript Style Guide](https://cdn.rawgit.com/feross/standard/master/badge.svg)](https://github.com/feross/standard)\n\nTo test that the code conforms to the style, `npm install` and run:\n\n ./node_modules/.bin/standard\n\n## credit\n\nThis was originally forked from [buffer-browserify](https://github.com/toots/buffer-browserify).\n\n## Security Policies and Procedures\n\nThe `buffer` team and community take all security bugs in `buffer` seriously. Please see our [security policies and procedures](https://github.com/feross/security) document to learn how to report issues.\n\n## license\n\nMIT. Copyright (C) [Feross Aboukhadijeh](http://feross.org), and other contributors. Originally forked from an MIT-licensed module by Romain Beauxis.\n", + "readmeFilename": "README.md", + "optionalDependencies": {}, + "_dependencies": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer", + "error": "[Circular]", + "extraneous": false + }, + "ignore": { + "_args": [ + [ + "ignore@5.1.4", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ], + [ + "ignore@5.1.4", + "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project" + ] + ], + "_from": "ignore@5.1.4", + "_id": "ignore@5.1.4", + "_integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==", + "_location": "/ignore", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "ignore@5.1.4", + "name": "ignore", + "escapedName": "ignore", + "rawSpec": "5.1.4", + "saveSpec": "[Circular]", + "fetchSpec": "5.1.4" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "_spec": "5.1.4", + "_where": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "author": { + "name": "kael" + }, + "bugs": { + "url": "https://github.com/kaelzhang/node-ignore/issues" + }, + "description": "Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.", + "devDependencies": { + "@babel/cli": "^7.5.5", + "@babel/core": "^7.5.5", + "@babel/preset-env": "^7.5.5", + "codecov": "^3.5.0", + "debug": "^4.1.1", + "eslint": "^6.1.0", + "eslint-config-ostai": "^3.0.0", + "eslint-plugin-import": "^2.18.2", + "mkdirp": "^0.5.1", + "pre-suf": "^1.1.1", + "rimraf": "^2.7.0", + "spawn-sync": "^2.0.0", + "tap": "^14.6.1", + "tmp": "0.1.0", + "typescript": "^3.5.3" + }, + "engines": { + "node": ">= 4" + }, + "files": [ + "legacy.js", + "index.js", + "index.d.ts", + "LICENSE-MIT" + ], + "homepage": "https://github.com/kaelzhang/node-ignore#readme", + "keywords": [ + "ignore", + ".gitignore", + "gitignore", + "npmignore", + "rules", + "manager", + "filter", + "regexp", + "regex", + "fnmatch", + "glob", + "asterisks", + "regular-expression" + ], + "license": "MIT", + "name": "ignore", + "repository": { + "type": "git", + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git" + }, + "scripts": { + "build": "babel -o legacy.js index.js", + "posttest": "tap --coverage-report=html && codecov", + "prepublishOnly": "npm run build", + "test": "npm run test:only", + "test:cases": "tap test/*.js --coverage", + "test:git": "tap test/git-check-ignore.js", + "test:ignore": "tap test/ignore.js", + "test:lint": "eslint .", + "test:only": "npm run test:lint && npm run test:tsc && npm run test:ts && npm run test:cases", + "test:others": "tap test/others.js", + "test:ts": "node ./test/ts/simple.js", + "test:tsc": "tsc ./test/ts/simple.ts --lib ES6", + "test:win32": "IGNORE_TEST_WIN32=1 npm run test" + }, + "version": "5.1.4", + "readme": "\n \n \n \n \n \n \n \n\n \n \n \n \n
LinuxOS XWindowsCoverageDownloads
\n \n \n \n \n \n \n \n \n \n \n \n
\n\n# ignore\n\n`ignore` is a manager, filter and parser which implemented in pure JavaScript according to the .gitignore [spec](http://git-scm.com/docs/gitignore).\n\n`ignore` is used by eslint, gitbook and [many others](https://www.npmjs.com/browse/depended/ignore).\n\nPay attention that [`minimatch`](https://www.npmjs.org/package/minimatch) does not work in the gitignore way. To filter filenames according to .gitignore file, I recommend this module.\n\n### Tested on\n\n`ignore` is fully tested, and has more than **five hundreds** of unit tests.\n\n- Linux + Node: `0.8` - `7.x`\n- Windows + Node: `0.10` - `7.x`, node < `0.10` is not tested due to the lack of support of appveyor.\n\nActually, `ignore` does not rely on any versions of node specially.\n\nSince `4.0.0`, ignore will no longer support `node < 6` by default, to use in node < 6, `require('ignore/legacy')`. For details, see [CHANGELOG](https://github.com/kaelzhang/node-ignore/blob/master/CHANGELOG.md).\n\n## Table Of Main Contents\n\n- [Usage](#usage)\n- [`Pathname` Conventions](#pathname-conventions)\n- See Also:\n - [`glob-gitignore`](https://www.npmjs.com/package/glob-gitignore) matches files using patterns and filters them according to gitignore rules.\n- [Upgrade Guide](#upgrade-guide)\n\n## Install\n\n```sh\nnpm i ignore\n```\n\n## Usage\n\n```js\nimport ignore from 'ignore'\nconst ig = ignore().add(['.abc/*', '!.abc/d/'])\n```\n\n### Filter the given paths\n\n```js\nconst paths = [\n '.abc/a.js', // filtered out\n '.abc/d/e.js' // included\n]\n\nig.filter(paths) // ['.abc/d/e.js']\nig.ignores('.abc/a.js') // true\n```\n\n### As the filter function\n\n```js\npaths.filter(ig.createFilter()); // ['.abc/d/e.js']\n```\n\n### Win32 paths will be handled\n\n```js\nig.filter(['.abc\\\\a.js', '.abc\\\\d\\\\e.js'])\n// if the code above runs on windows, the result will be\n// ['.abc\\\\d\\\\e.js']\n```\n\n## Why another ignore?\n\n- `ignore` is a standalone module, and is much simpler so that it could easy work with other programs, unlike [isaacs](https://npmjs.org/~isaacs)'s [fstream-ignore](https://npmjs.org/package/fstream-ignore) which must work with the modules of the fstream family.\n\n- `ignore` only contains utility methods to filter paths according to the specified ignore rules, so\n - `ignore` never try to find out ignore rules by traversing directories or fetching from git configurations.\n - `ignore` don't cares about sub-modules of git projects.\n\n- Exactly according to [gitignore man page](http://git-scm.com/docs/gitignore), fixes some known matching issues of fstream-ignore, such as:\n - '`/*.js`' should only match '`a.js`', but not '`abc/a.js`'.\n - '`**/foo`' should match '`foo`' anywhere.\n - Prevent re-including a file if a parent directory of that file is excluded.\n - Handle trailing whitespaces:\n - `'a '`(one space) should not match `'a '`(two spaces).\n - `'a \\ '` matches `'a '`\n - All test cases are verified with the result of `git check-ignore`.\n\n# Methods\n\n## .add(pattern: string | Ignore): this\n## .add(patterns: Array): this\n\n- **pattern** `String | Ignore` An ignore pattern string, or the `Ignore` instance\n- **patterns** `Array` Array of ignore patterns.\n\nAdds a rule or several rules to the current manager.\n\nReturns `this`\n\nNotice that a line starting with `'#'`(hash) is treated as a comment. Put a backslash (`'\\'`) in front of the first hash for patterns that begin with a hash, if you want to ignore a file with a hash at the beginning of the filename.\n\n```js\nignore().add('#abc').ignores('#abc') // false\nignore().add('\\#abc').ignores('#abc') // true\n```\n\n`pattern` could either be a line of ignore pattern or a string of multiple ignore patterns, which means we could just `ignore().add()` the content of a ignore file:\n\n```js\nignore()\n.add(fs.readFileSync(filenameOfGitignore).toString())\n.filter(filenames)\n```\n\n`pattern` could also be an `ignore` instance, so that we could easily inherit the rules of another `Ignore` instance.\n\n## .addIgnoreFile(path)\n\nREMOVED in `3.x` for now.\n\nTo upgrade `ignore@2.x` up to `3.x`, use\n\n```js\nimport fs from 'fs'\n\nif (fs.existsSync(filename)) {\n ignore().add(fs.readFileSync(filename).toString())\n}\n```\n\ninstead.\n\n## .filter(paths: Array<Pathname>): Array<Pathname>\n\n```ts\ntype Pathname = string\n```\n\nFilters the given array of pathnames, and returns the filtered array.\n\n- **paths** `Array.` The array of `pathname`s to be filtered.\n\n### `Pathname` Conventions:\n\n#### 1. `Pathname` should be a `path.relative()`d pathname\n\n`Pathname` should be a string that have been `path.join()`ed, or the return value of `path.relative()` to the current directory,\n\n```js\n// WRONG, an error will be thrown\nig.ignores('./abc')\n\n// WRONG, for it will never happen, and an error will be thrown\n// If the gitignore rule locates at the root directory,\n// `'/abc'` should be changed to `'abc'`.\n// ```\n// path.relative('/', '/abc') -> 'abc'\n// ```\nig.ignores('/abc')\n\n// WRONG, that it is an absolute path on Windows, an error will be thrown\nig.ignores('C:\\\\abc')\n\n// Right\nig.ignores('abc')\n\n// Right\nig.ignores(path.join('./abc')) // path.join('./abc') -> 'abc'\n```\n\nIn other words, each `Pathname` here should be a relative path to the directory of the gitignore rules.\n\nSuppose the dir structure is:\n\n```\n/path/to/your/repo\n |-- a\n | |-- a.js\n |\n |-- .b\n |\n |-- .c\n |-- .DS_store\n```\n\nThen the `paths` might be like this:\n\n```js\n[\n 'a/a.js'\n '.b',\n '.c/.DS_store'\n]\n```\n\n#### 2. filenames and dirnames\n\n`node-ignore` does NO `fs.stat` during path matching, so for the example below:\n\n```js\n// First, we add a ignore pattern to ignore a directory\nig.add('config/')\n\n// `ig` does NOT know if 'config', in the real world,\n// is a normal file, directory or something.\n\nig.ignores('config')\n// `ig` treats `config` as a file, so it returns `false`\n\nig.ignores('config/')\n// returns `true`\n```\n\nSpecially for people who develop some library based on `node-ignore`, it is important to understand that.\n\nUsually, you could use [`glob`](http://npmjs.org/package/glob) with `option.mark = true` to fetch the structure of the current directory:\n\n```js\nimport glob from 'glob'\n\nglob('**', {\n // Adds a / character to directory matches.\n mark: true\n}, (err, files) => {\n if (err) {\n return console.error(err)\n }\n\n let filtered = ignore().add(patterns).filter(files)\n console.log(filtered)\n})\n```\n\n## .ignores(pathname: Pathname): boolean\n\n> new in 3.2.0\n\nReturns `Boolean` whether `pathname` should be ignored.\n\n```js\nig.ignores('.abc/a.js') // true\n```\n\n## .createFilter()\n\nCreates a filter function which could filter an array of paths with `Array.prototype.filter`.\n\nReturns `function(path)` the filter function.\n\n## .test(pathname: Pathname) since 5.0.0\n\nReturns `TestResult`\n\n```ts\ninterface TestResult {\n ignored: boolean\n // true if the `pathname` is finally unignored by some negative pattern\n unignored: boolean\n}\n```\n\n- `{ignored: true, unignored: false}`: the `pathname` is ignored\n- `{ignored: false, unignored: true}`: the `pathname` is unignored\n- `{ignored: false, unignored: false}`: the `pathname` is never matched by any ignore rules.\n\n## `options.ignorecase` since 4.0.0\n\nSimilar as the `core.ignorecase` option of [git-config](https://git-scm.com/docs/git-config), `node-ignore` will be case insensitive if `options.ignorecase` is set to `true` (the default value), otherwise case sensitive.\n\n```js\nconst ig = ignore({\n ignorecase: false\n})\n\nig.add('*.png')\n\nig.ignores('*.PNG') // false\n```\n\n## static `ignore.isPathValid(pathname): boolean` since 5.0.0\n\nCheck whether the `pathname` is valid according to the [convention](#1-pathname-should-be-a-pathrelatived-pathname).\n\n```js\nignore.isPathValid('./foo') // false\n```\n\n****\n\n# Upgrade Guide\n\n## Upgrade 4.x -> 5.x\n\nSince `5.0.0`, if an invalid `Pathname` passed into `ig.ignores()`, an error will be thrown, while `ignore < 5.0.0` did not make sure what the return value was, as well as\n\n```ts\n.ignores(pathname: Pathname): boolean\n\n.filter(pathnames: Array): Array\n\n.createFilter(): (pathname: Pathname) => boolean\n\n.test(pathname: Pathname): {ignored: boolean, unignored: boolean}\n```\n\nSee the convention [here](#1-pathname-should-be-a-pathrelatived-pathname) for details.\n\nIf there are invalid pathnames, the conversion and filtration should be done by users.\n\n```js\nimport {isPathValid} from 'ignore' // introduced in 5.0.0\n\nconst paths = [\n // invalid\n //////////////////\n '',\n false,\n '../foo',\n '.',\n //////////////////\n\n // valid\n 'foo'\n]\n.filter(isValidPath)\n\nig.filter(paths)\n```\n\n## Upgrade 3.x -> 4.x\n\nSince `4.0.0`, `ignore` will no longer support node < 6, to use `ignore` in node < 6:\n\n```js\nvar ignore = require('ignore/legacy')\n```\n\n## Upgrade 2.x -> 3.x\n\n- All `options` of 2.x are unnecessary and removed, so just remove them.\n- `ignore()` instance is no longer an [`EventEmitter`](nodejs.org/api/events.html), and all events are unnecessary and removed.\n- `.addIgnoreFile()` is removed, see the [.addIgnoreFile](#addignorefilepath) section for details.\n\n****\n\n# Collaborators\n\n- [@whitecolor](https://github.com/whitecolor) *Alex*\n- [@SamyPesse](https://github.com/SamyPesse) *Samy Pessé*\n- [@azproduction](https://github.com/azproduction) *Mikhail Davydov*\n- [@TrySound](https://github.com/TrySound) *Bogdan Chadkin*\n- [@JanMattner](https://github.com/JanMattner) *Jan Mattner*\n- [@ntwb](https://github.com/ntwb) *Stephen Edgar*\n- [@kasperisager](https://github.com/kasperisager) *Kasper Isager*\n- [@sandersn](https://github.com/sandersn) *Nathan Shively-Sanders*\n", + "readmeFilename": "README.md", + "dependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ignore", + "error": "[Circular]", + "extraneous": false + } + }, + "version": "", + "readme": "ERROR: No README data found!", + "_id": "demo-package-integrity@", + "_shrinkwrap": { + "name": "demo-package-integrity", + "requires": true, + "lockfileVersion": 1, + "dependencies": { + "base64-js": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=" + }, + "buffer": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "requires": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "dependencies": { + "base64-js": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=" + } + } + }, + "ieee754": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=" + }, + "ignore": { + "version": "5.1.4", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==" + } + } + }, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": { + "buffer": "^5.4.3", + "ignore": "^5.1.4", + "base64-js": "1.0.1" + }, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "error": "[Circular]", + "extraneous": false +} diff --git a/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm6_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm6_node22_windows-latest.json new file mode 100644 index 00000000..4dd4affc --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm6_node22_windows-latest.json @@ -0,0 +1,531 @@ +{ + "name": "demo-package-integrity", + "description": "demo: package-integrity -- packages with different integrity information.", + "private": true, + "dependencies": { + "base64-js": { + "_args": [ + [ + "base64-js@1.0.1", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project" + ], + [ + "base64-js@1.0.1", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project" + ] + ], + "_from": "base64-js@1.0.1", + "_id": "base64-js@1.0.1", + "_integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=", + "_location": "/base64-js", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "base64-js@1.0.1", + "name": "base64-js", + "escapedName": "base64-js", + "rawSpec": "1.0.1", + "saveSpec": null, + "fetchSpec": "1.0.1" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "_spec": "1.0.1", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project", + "author": { + "name": "T. Jameson Little", + "email": "t.jameson.little@gmail.com" + }, + "bugs": { + "url": "https://github.com/beatgammit/base64-js/issues" + }, + "dependencies": {}, + "description": "Base64 encoding/decoding in pure JS", + "devDependencies": { + "standard": "^5.2.2", + "tape": "4.x" + }, + "engines": { + "node": ">= 0.4" + }, + "homepage": "https://github.com/beatgammit/base64-js#readme", + "license": "MIT", + "main": "lib/b64.js", + "name": "base64-js", + "repository": { + "type": "git", + "url": "git://github.com/beatgammit/base64-js.git" + }, + "scripts": { + "test": "standard && tape test/*.js" + }, + "testling": { + "files": "test/*.js", + "browsers": [ + "ie/6..latest", + "chrome/4..latest", + "firefox/3..latest", + "safari/5.1..latest", + "opera/11.0..latest", + "iphone/6", + "ipad/6" + ] + }, + "version": "1.0.1", + "readme": "base64-js\n=========\n\n`base64-js` does basic base64 encoding/decoding in pure JS.\n\n[![build status](https://secure.travis-ci.org/beatgammit/base64-js.png)](http://travis-ci.org/beatgammit/base64-js)\n\n[![testling badge](https://ci.testling.com/beatgammit/base64-js.png)](https://ci.testling.com/beatgammit/base64-js)\n\nMany browsers already have base64 encoding/decoding functionality, but it is for text data, not all-purpose binary data.\n\nSometimes encoding/decoding binary data in the browser is useful, and that is what this module does.\n\n## install\n\nWith [npm](https://npmjs.org) do:\n\n`npm install base64-js`\n\n## methods\n\n`var base64 = require('base64-js')`\n\n`base64` has two exposed functions, `toByteArray` and `fromByteArray`, which both take a single argument.\n\n* `toByteArray` - Takes a base64 string and returns a byte array\n* `fromByteArray` - Takes a byte array and returns a base64 string\n\n## license\n\nMIT", + "readmeFilename": "README.md", + "optionalDependencies": {}, + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\base64-js", + "error": "[Circular]", + "extraneous": false + }, + "buffer": { + "_args": [ + [ + "buffer@5.4.3", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project" + ], + [ + "buffer@5.4.3", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project" + ] + ], + "_from": "buffer@5.4.3", + "_id": "buffer@5.4.3", + "_integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "_location": "/buffer", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "buffer@5.4.3", + "name": "buffer", + "escapedName": "buffer", + "rawSpec": "5.4.3", + "saveSpec": "[Circular]", + "fetchSpec": "5.4.3" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "_spec": "5.4.3", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project", + "author": { + "name": "Feross Aboukhadijeh", + "email": "feross@feross.org", + "url": "http://feross.org" + }, + "bugs": { + "url": "https://github.com/feross/buffer/issues" + }, + "contributors": [ + { + "name": "Romain Beauxis", + "email": "toots@rastageeks.org" + }, + { + "name": "James Halliday", + "email": "mail@substack.net" + } + ], + "dependencies": { + "base64-js": { + "_args": [ + [ + "base64-js@1.3.1", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project" + ], + [ + "base64-js@1.3.1", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project" + ] + ], + "_from": "base64-js@1.3.1", + "_id": "base64-js@1.3.1", + "_integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=", + "_location": "/buffer/base64-js", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "base64-js@1.3.1", + "name": "base64-js", + "escapedName": "base64-js", + "rawSpec": "1.3.1", + "saveSpec": "[Circular]", + "fetchSpec": "1.3.1" + }, + "_requiredBy": [ + "/buffer" + ], + "_resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "_spec": "1.3.1", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project", + "author": { + "name": "T. Jameson Little", + "email": "t.jameson.little@gmail.com" + }, + "bugs": { + "url": "https://github.com/beatgammit/base64-js/issues" + }, + "description": "Base64 encoding/decoding in pure JS", + "devDependencies": { + "benchmark": "^2.1.4", + "browserify": "^16.3.0", + "standard": "*", + "tape": "4.x", + "uglify-js": "^3.6.0" + }, + "homepage": "https://github.com/beatgammit/base64-js", + "keywords": [ + "base64" + ], + "license": "MIT", + "main": "index.js", + "name": "base64-js", + "repository": { + "type": "git", + "url": "git://github.com/beatgammit/base64-js.git" + }, + "scripts": { + "build": "browserify -s base64js -r ./ | uglifyjs -m > base64js.min.js", + "lint": "standard", + "test": "npm run lint && npm run unit", + "unit": "tape test/*.js" + }, + "version": "1.3.1", + "readme": "base64-js\n=========\n\n`base64-js` does basic base64 encoding/decoding in pure JS.\n\n[![build status](https://secure.travis-ci.org/beatgammit/base64-js.png)](http://travis-ci.org/beatgammit/base64-js)\n\nMany browsers already have base64 encoding/decoding functionality, but it is for text data, not all-purpose binary data.\n\nSometimes encoding/decoding binary data in the browser is useful, and that is what this module does.\n\n## install\n\nWith [npm](https://npmjs.org) do:\n\n`npm install base64-js` and `var base64js = require('base64-js')`\n\nFor use in web browsers do:\n\n``\n\n## methods\n\n`base64js` has three exposed functions, `byteLength`, `toByteArray` and `fromByteArray`, which both take a single argument.\n\n* `byteLength` - Takes a base64 string and returns length of byte array\n* `toByteArray` - Takes a base64 string and returns a byte array\n* `fromByteArray` - Takes a byte array and returns a base64 string\n\n## license\n\nMIT\n", + "readmeFilename": "README.md", + "dependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\buffer\\node_modules\\base64-js", + "error": "[Circular]", + "extraneous": false + }, + "ieee754": { + "_args": [ + [ + "ieee754@1.1.13", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project" + ], + [ + "ieee754@1.1.13", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project" + ] + ], + "_from": "ieee754@1.1.13", + "_id": "ieee754@1.1.13", + "_integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=", + "_location": "/ieee754", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "ieee754@1.1.13", + "name": "ieee754", + "escapedName": "ieee754", + "rawSpec": "1.1.13", + "saveSpec": "[Circular]", + "fetchSpec": "1.1.13" + }, + "_requiredBy": [ + "/buffer" + ], + "_resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "_spec": "1.1.13", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project", + "author": { + "name": "Feross Aboukhadijeh", + "email": "feross@feross.org", + "url": "http://feross.org" + }, + "bugs": { + "url": "https://github.com/feross/ieee754/issues" + }, + "contributors": [ + { + "name": "Romain Beauxis", + "email": "toots@rastageeks.org" + } + ], + "description": "Read/write IEEE754 floating point numbers from/to a Buffer or array-like object", + "devDependencies": { + "airtap": "0.1.0", + "standard": "*", + "tape": "^4.0.0" + }, + "homepage": "https://github.com/feross/ieee754#readme", + "keywords": [ + "IEEE 754", + "buffer", + "convert", + "floating point", + "ieee754" + ], + "license": "BSD-3-Clause", + "main": "index.js", + "name": "ieee754", + "repository": { + "type": "git", + "url": "git://github.com/feross/ieee754.git" + }, + "scripts": { + "test": "standard && npm run test-node && npm run test-browser", + "test-browser": "airtap -- test/*.js", + "test-browser-local": "airtap --local -- test/*.js", + "test-node": "tape test/*.js" + }, + "version": "1.1.13", + "readme": "# ieee754 [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url]\n\n[travis-image]: https://img.shields.io/travis/feross/ieee754/master.svg\n[travis-url]: https://travis-ci.org/feross/ieee754\n[npm-image]: https://img.shields.io/npm/v/ieee754.svg\n[npm-url]: https://npmjs.org/package/ieee754\n[downloads-image]: https://img.shields.io/npm/dm/ieee754.svg\n[downloads-url]: https://npmjs.org/package/ieee754\n[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg\n[standard-url]: https://standardjs.com\n\n[![saucelabs][saucelabs-image]][saucelabs-url]\n\n[saucelabs-image]: https://saucelabs.com/browser-matrix/ieee754.svg\n[saucelabs-url]: https://saucelabs.com/u/ieee754\n\n### Read/write IEEE754 floating point numbers from/to a Buffer or array-like object.\n\n## install\n\n```\nnpm install ieee754\n```\n\n[Get supported ieee754 with the Tidelift Subscription](https://tidelift.com/subscription/pkg/npm-ieee754?utm_source=npm-ieee754&utm_medium=referral&utm_campaign=readme)\n\n## methods\n\n`var ieee754 = require('ieee754')`\n\nThe `ieee754` object has the following functions:\n\n```\nieee754.read = function (buffer, offset, isLE, mLen, nBytes)\nieee754.write = function (buffer, value, offset, isLE, mLen, nBytes)\n```\n\nThe arguments mean the following:\n\n- buffer = the buffer\n- offset = offset into the buffer\n- value = value to set (only for `write`)\n- isLe = is little endian?\n- mLen = mantissa length\n- nBytes = number of bytes\n\n## what is ieee754?\n\nThe IEEE Standard for Floating-Point Arithmetic (IEEE 754) is a technical standard for floating-point computation. [Read more](http://en.wikipedia.org/wiki/IEEE_floating_point).\n\n## license\n\nBSD 3 Clause. Copyright (c) 2008, Fair Oaks Labs, Inc.\n", + "readmeFilename": "README.md", + "dependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\ieee754", + "error": "[Circular]", + "extraneous": false + } + }, + "description": "Node.js Buffer API, for the browser", + "devDependencies": { + "airtap": "^2.0.3", + "benchmark": "^2.0.0", + "browserify": "^16.1.0", + "concat-stream": "^2.0.0", + "hyperquest": "^2.0.0", + "is-buffer": "^2.0.0", + "is-nan": "^1.0.1", + "split": "^1.0.0", + "standard": "*", + "tape": "^4.0.0", + "through2": "^3.0.1", + "uglify-js": "^3.4.5" + }, + "homepage": "https://github.com/feross/buffer", + "jspm": { + "map": { + "./index.js": { + "node": "@node/buffer" + } + } + }, + "keywords": [ + "arraybuffer", + "browser", + "browserify", + "buffer", + "compatible", + "dataview", + "uint8array" + ], + "license": "MIT", + "main": "index.js", + "name": "buffer", + "repository": { + "type": "git", + "url": "git://github.com/feross/buffer.git" + }, + "scripts": { + "perf": "browserify --debug perf/bracket-notation.js > perf/bundle.js && open perf/index.html", + "perf-node": "node perf/bracket-notation.js && node perf/concat.js && node perf/copy-big.js && node perf/copy.js && node perf/new-big.js && node perf/new.js && node perf/readDoubleBE.js && node perf/readFloatBE.js && node perf/readUInt32LE.js && node perf/slice.js && node perf/writeFloatBE.js", + "size": "browserify -r ./ | uglifyjs -c -m | gzip | wc -c", + "test": "standard && node ./bin/test.js", + "test-browser-es5": "airtap -- test/*.js", + "test-browser-es5-local": "airtap --local -- test/*.js", + "test-browser-es6": "airtap -- test/*.js test/node/*.js", + "test-browser-es6-local": "airtap --local -- test/*.js test/node/*.js", + "test-node": "tape test/*.js test/node/*.js", + "update-authors": "./bin/update-authors.sh" + }, + "standard": { + "ignore": [ + "test/node/**/*.js", + "test/common.js", + "test/_polyfill.js", + "perf/**/*.js" + ] + }, + "types": "index.d.ts", + "version": "5.4.3", + "readme": "# buffer [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url]\n\n[travis-image]: https://img.shields.io/travis/feross/buffer/master.svg\n[travis-url]: https://travis-ci.org/feross/buffer\n[npm-image]: https://img.shields.io/npm/v/buffer.svg\n[npm-url]: https://npmjs.org/package/buffer\n[downloads-image]: https://img.shields.io/npm/dm/buffer.svg\n[downloads-url]: https://npmjs.org/package/buffer\n[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg\n[standard-url]: https://standardjs.com\n\n#### The buffer module from [node.js](https://nodejs.org/), for the browser.\n\n[![saucelabs][saucelabs-image]][saucelabs-url]\n\n[saucelabs-image]: https://saucelabs.com/browser-matrix/buffer.svg\n[saucelabs-url]: https://saucelabs.com/u/buffer\n\nWith [browserify](http://browserify.org), simply `require('buffer')` or use the `Buffer` global and you will get this module.\n\nThe goal is to provide an API that is 100% identical to\n[node's Buffer API](https://nodejs.org/api/buffer.html). Read the\n[official docs](https://nodejs.org/api/buffer.html) for the full list of properties,\ninstance methods, and class methods that are supported.\n\n## features\n\n- Manipulate binary data like a boss, in all browsers!\n- Super fast. Backed by Typed Arrays (`Uint8Array`/`ArrayBuffer`, not `Object`)\n- Extremely small bundle size (**6.75KB minified + gzipped**, 51.9KB with comments)\n- Excellent browser support (Chrome, Firefox, Edge, Safari 9+, IE 11, iOS 9+, Android, etc.)\n- Preserves Node API exactly, with one minor difference (see below)\n- Square-bracket `buf[4]` notation works!\n- Does not modify any browser prototypes or put anything on `window`\n- Comprehensive test suite (including all buffer tests from node.js core)\n\n\n## install\n\nTo use this module directly (without browserify), install it:\n\n```bash\nnpm install buffer\n```\n\n[Get supported buffer with the Tidelift Subscription](https://tidelift.com/subscription/pkg/npm-buffer?utm_source=npm-buffer&utm_medium=referral&utm_campaign=readme)\n\nThis module was previously called **native-buffer-browserify**, but please use **buffer**\nfrom now on.\n\nIf you do not use a bundler, you can use the [standalone script](https://bundle.run/buffer).\n\n## usage\n\nThe module's API is identical to node's `Buffer` API. Read the\n[official docs](https://nodejs.org/api/buffer.html) for the full list of properties,\ninstance methods, and class methods that are supported.\n\nAs mentioned above, `require('buffer')` or use the `Buffer` global with\n[browserify](http://browserify.org) and this module will automatically be included\nin your bundle. Almost any npm module will work in the browser, even if it assumes that\nthe node `Buffer` API will be available.\n\nTo depend on this module explicitly (without browserify), require it like this:\n\n```js\nvar Buffer = require('buffer/').Buffer // note: the trailing slash is important!\n```\n\nTo require this module explicitly, use `require('buffer/')` which tells the node.js module\nlookup algorithm (also used by browserify) to use the **npm module** named `buffer`\ninstead of the **node.js core** module named `buffer`!\n\n\n## how does it work?\n\nThe Buffer constructor returns instances of `Uint8Array` that have their prototype\nchanged to `Buffer.prototype`. Furthermore, `Buffer` is a subclass of `Uint8Array`,\nso the returned instances will have all the node `Buffer` methods and the\n`Uint8Array` methods. Square bracket notation works as expected -- it returns a\nsingle octet.\n\nThe `Uint8Array` prototype remains unmodified.\n\n\n## tracking the latest node api\n\nThis module tracks the Buffer API in the latest (unstable) version of node.js. The Buffer\nAPI is considered **stable** in the\n[node stability index](https://nodejs.org/docs/latest/api/documentation.html#documentation_stability_index),\nso it is unlikely that there will ever be breaking changes.\nNonetheless, when/if the Buffer API changes in node, this module's API will change\naccordingly.\n\n## related packages\n\n- [`buffer-reverse`](https://www.npmjs.com/package/buffer-reverse) - Reverse a buffer\n- [`buffer-xor`](https://www.npmjs.com/package/buffer-xor) - Bitwise xor a buffer\n- [`is-buffer`](https://www.npmjs.com/package/is-buffer) - Determine if an object is a Buffer without including the whole `Buffer` package\n\n## conversion packages\n\n### convert typed array to buffer\n\nUse [`typedarray-to-buffer`](https://www.npmjs.com/package/typedarray-to-buffer) to convert any kind of typed array to a `Buffer`. Does not perform a copy, so it's super fast.\n\n### convert buffer to typed array\n\n`Buffer` is a subclass of `Uint8Array` (which is a typed array). So there is no need to explicitly convert to typed array. Just use the buffer as a `Uint8Array`.\n\n### convert blob to buffer\n\nUse [`blob-to-buffer`](https://www.npmjs.com/package/blob-to-buffer) to convert a `Blob` to a `Buffer`.\n\n### convert buffer to blob\n\nTo convert a `Buffer` to a `Blob`, use the `Blob` constructor:\n\n```js\nvar blob = new Blob([ buffer ])\n```\n\nOptionally, specify a mimetype:\n\n```js\nvar blob = new Blob([ buffer ], { type: 'text/html' })\n```\n\n### convert arraybuffer to buffer\n\nTo convert an `ArrayBuffer` to a `Buffer`, use the `Buffer.from` function. Does not perform a copy, so it's super fast.\n\n```js\nvar buffer = Buffer.from(arrayBuffer)\n```\n\n### convert buffer to arraybuffer\n\nTo convert a `Buffer` to an `ArrayBuffer`, use the `.buffer` property (which is present on all `Uint8Array` objects):\n\n```js\nvar arrayBuffer = buffer.buffer.slice(\n buffer.byteOffset, buffer.byteOffset + buffer.byteLength\n)\n```\n\nAlternatively, use the [`to-arraybuffer`](https://www.npmjs.com/package/to-arraybuffer) module.\n\n## performance\n\nSee perf tests in `/perf`.\n\n`BrowserBuffer` is the browser `buffer` module (this repo). `Uint8Array` is included as a\nsanity check (since `BrowserBuffer` uses `Uint8Array` under the hood, `Uint8Array` will\nalways be at least a bit faster). Finally, `NodeBuffer` is the node.js buffer module,\nwhich is included to compare against.\n\nNOTE: Performance has improved since these benchmarks were taken. PR welcome to update the README.\n\n### Chrome 38\n\n| Method | Operations | Accuracy | Sampled | Fastest |\n|:-------|:-----------|:---------|:--------|:-------:|\n| BrowserBuffer#bracket-notation | 11,457,464 ops/sec | ±0.86% | 66 | ✓ |\n| Uint8Array#bracket-notation | 10,824,332 ops/sec | ±0.74% | 65 | |\n| | | | |\n| BrowserBuffer#concat | 450,532 ops/sec | ±0.76% | 68 | |\n| Uint8Array#concat | 1,368,911 ops/sec | ±1.50% | 62 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16000) | 903,001 ops/sec | ±0.96% | 67 | |\n| Uint8Array#copy(16000) | 1,422,441 ops/sec | ±1.04% | 66 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16) | 11,431,358 ops/sec | ±0.46% | 69 | |\n| Uint8Array#copy(16) | 13,944,163 ops/sec | ±1.12% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#new(16000) | 106,329 ops/sec | ±6.70% | 44 | |\n| Uint8Array#new(16000) | 131,001 ops/sec | ±2.85% | 31 | ✓ |\n| | | | |\n| BrowserBuffer#new(16) | 1,554,491 ops/sec | ±1.60% | 65 | |\n| Uint8Array#new(16) | 6,623,930 ops/sec | ±1.66% | 65 | ✓ |\n| | | | |\n| BrowserBuffer#readDoubleBE | 112,830 ops/sec | ±0.51% | 69 | ✓ |\n| DataView#getFloat64 | 93,500 ops/sec | ±0.57% | 68 | |\n| | | | |\n| BrowserBuffer#readFloatBE | 146,678 ops/sec | ±0.95% | 68 | ✓ |\n| DataView#getFloat32 | 99,311 ops/sec | ±0.41% | 67 | |\n| | | | |\n| BrowserBuffer#readUInt32LE | 843,214 ops/sec | ±0.70% | 69 | ✓ |\n| DataView#getUint32 | 103,024 ops/sec | ±0.64% | 67 | |\n| | | | |\n| BrowserBuffer#slice | 1,013,941 ops/sec | ±0.75% | 67 | |\n| Uint8Array#subarray | 1,903,928 ops/sec | ±0.53% | 67 | ✓ |\n| | | | |\n| BrowserBuffer#writeFloatBE | 61,387 ops/sec | ±0.90% | 67 | |\n| DataView#setFloat32 | 141,249 ops/sec | ±0.40% | 66 | ✓ |\n\n\n### Firefox 33\n\n| Method | Operations | Accuracy | Sampled | Fastest |\n|:-------|:-----------|:---------|:--------|:-------:|\n| BrowserBuffer#bracket-notation | 20,800,421 ops/sec | ±1.84% | 60 | |\n| Uint8Array#bracket-notation | 20,826,235 ops/sec | ±2.02% | 61 | ✓ |\n| | | | |\n| BrowserBuffer#concat | 153,076 ops/sec | ±2.32% | 61 | |\n| Uint8Array#concat | 1,255,674 ops/sec | ±8.65% | 52 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16000) | 1,105,312 ops/sec | ±1.16% | 63 | |\n| Uint8Array#copy(16000) | 1,615,911 ops/sec | ±0.55% | 66 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16) | 16,357,599 ops/sec | ±0.73% | 68 | |\n| Uint8Array#copy(16) | 31,436,281 ops/sec | ±1.05% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#new(16000) | 52,995 ops/sec | ±6.01% | 35 | |\n| Uint8Array#new(16000) | 87,686 ops/sec | ±5.68% | 45 | ✓ |\n| | | | |\n| BrowserBuffer#new(16) | 252,031 ops/sec | ±1.61% | 66 | |\n| Uint8Array#new(16) | 8,477,026 ops/sec | ±0.49% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#readDoubleBE | 99,871 ops/sec | ±0.41% | 69 | |\n| DataView#getFloat64 | 285,663 ops/sec | ±0.70% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#readFloatBE | 115,540 ops/sec | ±0.42% | 69 | |\n| DataView#getFloat32 | 288,722 ops/sec | ±0.82% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#readUInt32LE | 633,926 ops/sec | ±1.08% | 67 | ✓ |\n| DataView#getUint32 | 294,808 ops/sec | ±0.79% | 64 | |\n| | | | |\n| BrowserBuffer#slice | 349,425 ops/sec | ±0.46% | 69 | |\n| Uint8Array#subarray | 5,965,819 ops/sec | ±0.60% | 65 | ✓ |\n| | | | |\n| BrowserBuffer#writeFloatBE | 59,980 ops/sec | ±0.41% | 67 | |\n| DataView#setFloat32 | 317,634 ops/sec | ±0.63% | 68 | ✓ |\n\n### Safari 8\n\n| Method | Operations | Accuracy | Sampled | Fastest |\n|:-------|:-----------|:---------|:--------|:-------:|\n| BrowserBuffer#bracket-notation | 10,279,729 ops/sec | ±2.25% | 56 | ✓ |\n| Uint8Array#bracket-notation | 10,030,767 ops/sec | ±2.23% | 59 | |\n| | | | |\n| BrowserBuffer#concat | 144,138 ops/sec | ±1.38% | 65 | |\n| Uint8Array#concat | 4,950,764 ops/sec | ±1.70% | 63 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16000) | 1,058,548 ops/sec | ±1.51% | 64 | |\n| Uint8Array#copy(16000) | 1,409,666 ops/sec | ±1.17% | 65 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16) | 6,282,529 ops/sec | ±1.88% | 58 | |\n| Uint8Array#copy(16) | 11,907,128 ops/sec | ±2.87% | 58 | ✓ |\n| | | | |\n| BrowserBuffer#new(16000) | 101,663 ops/sec | ±3.89% | 57 | |\n| Uint8Array#new(16000) | 22,050,818 ops/sec | ±6.51% | 46 | ✓ |\n| | | | |\n| BrowserBuffer#new(16) | 176,072 ops/sec | ±2.13% | 64 | |\n| Uint8Array#new(16) | 24,385,731 ops/sec | ±5.01% | 51 | ✓ |\n| | | | |\n| BrowserBuffer#readDoubleBE | 41,341 ops/sec | ±1.06% | 67 | |\n| DataView#getFloat64 | 322,280 ops/sec | ±0.84% | 68 | ✓ |\n| | | | |\n| BrowserBuffer#readFloatBE | 46,141 ops/sec | ±1.06% | 65 | |\n| DataView#getFloat32 | 337,025 ops/sec | ±0.43% | 69 | ✓ |\n| | | | |\n| BrowserBuffer#readUInt32LE | 151,551 ops/sec | ±1.02% | 66 | |\n| DataView#getUint32 | 308,278 ops/sec | ±0.94% | 67 | ✓ |\n| | | | |\n| BrowserBuffer#slice | 197,365 ops/sec | ±0.95% | 66 | |\n| Uint8Array#subarray | 9,558,024 ops/sec | ±3.08% | 58 | ✓ |\n| | | | |\n| BrowserBuffer#writeFloatBE | 17,518 ops/sec | ±1.03% | 63 | |\n| DataView#setFloat32 | 319,751 ops/sec | ±0.48% | 68 | ✓ |\n\n\n### Node 0.11.14\n\n| Method | Operations | Accuracy | Sampled | Fastest |\n|:-------|:-----------|:---------|:--------|:-------:|\n| BrowserBuffer#bracket-notation | 10,489,828 ops/sec | ±3.25% | 90 | |\n| Uint8Array#bracket-notation | 10,534,884 ops/sec | ±0.81% | 92 | ✓ |\n| NodeBuffer#bracket-notation | 10,389,910 ops/sec | ±0.97% | 87 | |\n| | | | |\n| BrowserBuffer#concat | 487,830 ops/sec | ±2.58% | 88 | |\n| Uint8Array#concat | 1,814,327 ops/sec | ±1.28% | 88 | ✓ |\n| NodeBuffer#concat | 1,636,523 ops/sec | ±1.88% | 73 | |\n| | | | |\n| BrowserBuffer#copy(16000) | 1,073,665 ops/sec | ±0.77% | 90 | |\n| Uint8Array#copy(16000) | 1,348,517 ops/sec | ±0.84% | 89 | ✓ |\n| NodeBuffer#copy(16000) | 1,289,533 ops/sec | ±0.82% | 93 | |\n| | | | |\n| BrowserBuffer#copy(16) | 12,782,706 ops/sec | ±0.74% | 85 | |\n| Uint8Array#copy(16) | 14,180,427 ops/sec | ±0.93% | 92 | ✓ |\n| NodeBuffer#copy(16) | 11,083,134 ops/sec | ±1.06% | 89 | |\n| | | | |\n| BrowserBuffer#new(16000) | 141,678 ops/sec | ±3.30% | 67 | |\n| Uint8Array#new(16000) | 161,491 ops/sec | ±2.96% | 60 | |\n| NodeBuffer#new(16000) | 292,699 ops/sec | ±3.20% | 55 | ✓ |\n| | | | |\n| BrowserBuffer#new(16) | 1,655,466 ops/sec | ±2.41% | 82 | |\n| Uint8Array#new(16) | 14,399,926 ops/sec | ±0.91% | 94 | ✓ |\n| NodeBuffer#new(16) | 3,894,696 ops/sec | ±0.88% | 92 | |\n| | | | |\n| BrowserBuffer#readDoubleBE | 109,582 ops/sec | ±0.75% | 93 | ✓ |\n| DataView#getFloat64 | 91,235 ops/sec | ±0.81% | 90 | |\n| NodeBuffer#readDoubleBE | 88,593 ops/sec | ±0.96% | 81 | |\n| | | | |\n| BrowserBuffer#readFloatBE | 139,854 ops/sec | ±1.03% | 85 | ✓ |\n| DataView#getFloat32 | 98,744 ops/sec | ±0.80% | 89 | |\n| NodeBuffer#readFloatBE | 92,769 ops/sec | ±0.94% | 93 | |\n| | | | |\n| BrowserBuffer#readUInt32LE | 710,861 ops/sec | ±0.82% | 92 | |\n| DataView#getUint32 | 117,893 ops/sec | ±0.84% | 91 | |\n| NodeBuffer#readUInt32LE | 851,412 ops/sec | ±0.72% | 93 | ✓ |\n| | | | |\n| BrowserBuffer#slice | 1,673,877 ops/sec | ±0.73% | 94 | |\n| Uint8Array#subarray | 6,919,243 ops/sec | ±0.67% | 90 | ✓ |\n| NodeBuffer#slice | 4,617,604 ops/sec | ±0.79% | 93 | |\n| | | | |\n| BrowserBuffer#writeFloatBE | 66,011 ops/sec | ±0.75% | 93 | |\n| DataView#setFloat32 | 127,760 ops/sec | ±0.72% | 93 | ✓ |\n| NodeBuffer#writeFloatBE | 103,352 ops/sec | ±0.83% | 93 | |\n\n### iojs 1.8.1\n\n| Method | Operations | Accuracy | Sampled | Fastest |\n|:-------|:-----------|:---------|:--------|:-------:|\n| BrowserBuffer#bracket-notation | 10,990,488 ops/sec | ±1.11% | 91 | |\n| Uint8Array#bracket-notation | 11,268,757 ops/sec | ±0.65% | 97 | |\n| NodeBuffer#bracket-notation | 11,353,260 ops/sec | ±0.83% | 94 | ✓ |\n| | | | |\n| BrowserBuffer#concat | 378,954 ops/sec | ±0.74% | 94 | |\n| Uint8Array#concat | 1,358,288 ops/sec | ±0.97% | 87 | |\n| NodeBuffer#concat | 1,934,050 ops/sec | ±1.11% | 78 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16000) | 894,538 ops/sec | ±0.56% | 84 | |\n| Uint8Array#copy(16000) | 1,442,656 ops/sec | ±0.71% | 96 | |\n| NodeBuffer#copy(16000) | 1,457,898 ops/sec | ±0.53% | 92 | ✓ |\n| | | | |\n| BrowserBuffer#copy(16) | 12,870,457 ops/sec | ±0.67% | 95 | |\n| Uint8Array#copy(16) | 16,643,989 ops/sec | ±0.61% | 93 | ✓ |\n| NodeBuffer#copy(16) | 14,885,848 ops/sec | ±0.74% | 94 | |\n| | | | |\n| BrowserBuffer#new(16000) | 109,264 ops/sec | ±4.21% | 63 | |\n| Uint8Array#new(16000) | 138,916 ops/sec | ±1.87% | 61 | |\n| NodeBuffer#new(16000) | 281,449 ops/sec | ±3.58% | 51 | ✓ |\n| | | | |\n| BrowserBuffer#new(16) | 1,362,935 ops/sec | ±0.56% | 99 | |\n| Uint8Array#new(16) | 6,193,090 ops/sec | ±0.64% | 95 | ✓ |\n| NodeBuffer#new(16) | 4,745,425 ops/sec | ±1.56% | 90 | |\n| | | | |\n| BrowserBuffer#readDoubleBE | 118,127 ops/sec | ±0.59% | 93 | ✓ |\n| DataView#getFloat64 | 107,332 ops/sec | ±0.65% | 91 | |\n| NodeBuffer#readDoubleBE | 116,274 ops/sec | ±0.94% | 95 | |\n| | | | |\n| BrowserBuffer#readFloatBE | 150,326 ops/sec | ±0.58% | 95 | ✓ |\n| DataView#getFloat32 | 110,541 ops/sec | ±0.57% | 98 | |\n| NodeBuffer#readFloatBE | 121,599 ops/sec | ±0.60% | 87 | |\n| | | | |\n| BrowserBuffer#readUInt32LE | 814,147 ops/sec | ±0.62% | 93 | |\n| DataView#getUint32 | 137,592 ops/sec | ±0.64% | 90 | |\n| NodeBuffer#readUInt32LE | 931,650 ops/sec | ±0.71% | 96 | ✓ |\n| | | | |\n| BrowserBuffer#slice | 878,590 ops/sec | ±0.68% | 93 | |\n| Uint8Array#subarray | 2,843,308 ops/sec | ±1.02% | 90 | |\n| NodeBuffer#slice | 4,998,316 ops/sec | ±0.68% | 90 | ✓ |\n| | | | |\n| BrowserBuffer#writeFloatBE | 65,927 ops/sec | ±0.74% | 93 | |\n| DataView#setFloat32 | 139,823 ops/sec | ±0.97% | 89 | ✓ |\n| NodeBuffer#writeFloatBE | 135,763 ops/sec | ±0.65% | 96 | |\n| | | | |\n\n## Testing the project\n\nFirst, install the project:\n\n npm install\n\nThen, to run tests in Node.js, run:\n\n npm run test-node\n\nTo test locally in a browser, you can run:\n\n npm run test-browser-es5-local # For ES5 browsers that don't support ES6\n npm run test-browser-es6-local # For ES6 compliant browsers\n\nThis will print out a URL that you can then open in a browser to run the tests, using [airtap](https://www.npmjs.com/package/airtap).\n\nTo run automated browser tests using Saucelabs, ensure that your `SAUCE_USERNAME` and `SAUCE_ACCESS_KEY` environment variables are set, then run:\n\n npm test\n\nThis is what's run in Travis, to check against various browsers. The list of browsers is kept in the `bin/airtap-es5.yml` and `bin/airtap-es6.yml` files.\n\n## JavaScript Standard Style\n\nThis module uses [JavaScript Standard Style](https://github.com/feross/standard).\n\n[![JavaScript Style Guide](https://cdn.rawgit.com/feross/standard/master/badge.svg)](https://github.com/feross/standard)\n\nTo test that the code conforms to the style, `npm install` and run:\n\n ./node_modules/.bin/standard\n\n## credit\n\nThis was originally forked from [buffer-browserify](https://github.com/toots/buffer-browserify).\n\n## Security Policies and Procedures\n\nThe `buffer` team and community take all security bugs in `buffer` seriously. Please see our [security policies and procedures](https://github.com/feross/security) document to learn how to report issues.\n\n## license\n\nMIT. Copyright (C) [Feross Aboukhadijeh](http://feross.org), and other contributors. Originally forked from an MIT-licensed module by Romain Beauxis.\n", + "readmeFilename": "README.md", + "optionalDependencies": {}, + "_dependencies": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\buffer", + "error": "[Circular]", + "extraneous": false + }, + "ignore": { + "_args": [ + [ + "ignore@5.1.4", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project" + ], + [ + "ignore@5.1.4", + "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project" + ] + ], + "_from": "ignore@5.1.4", + "_id": "ignore@5.1.4", + "_integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==", + "_location": "/ignore", + "_phantomChildren": {}, + "_requested": { + "type": "version", + "registry": true, + "raw": "ignore@5.1.4", + "name": "ignore", + "escapedName": "ignore", + "rawSpec": "5.1.4", + "saveSpec": "[Circular]", + "fetchSpec": "5.1.4" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "_spec": "5.1.4", + "_where": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project", + "author": { + "name": "kael" + }, + "bugs": { + "url": "https://github.com/kaelzhang/node-ignore/issues" + }, + "description": "Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.", + "devDependencies": { + "@babel/cli": "^7.5.5", + "@babel/core": "^7.5.5", + "@babel/preset-env": "^7.5.5", + "codecov": "^3.5.0", + "debug": "^4.1.1", + "eslint": "^6.1.0", + "eslint-config-ostai": "^3.0.0", + "eslint-plugin-import": "^2.18.2", + "mkdirp": "^0.5.1", + "pre-suf": "^1.1.1", + "rimraf": "^2.7.0", + "spawn-sync": "^2.0.0", + "tap": "^14.6.1", + "tmp": "0.1.0", + "typescript": "^3.5.3" + }, + "engines": { + "node": ">= 4" + }, + "files": [ + "legacy.js", + "index.js", + "index.d.ts", + "LICENSE-MIT" + ], + "homepage": "https://github.com/kaelzhang/node-ignore#readme", + "keywords": [ + "ignore", + ".gitignore", + "gitignore", + "npmignore", + "rules", + "manager", + "filter", + "regexp", + "regex", + "fnmatch", + "glob", + "asterisks", + "regular-expression" + ], + "license": "MIT", + "name": "ignore", + "repository": { + "type": "git", + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git" + }, + "scripts": { + "build": "babel -o legacy.js index.js", + "posttest": "tap --coverage-report=html && codecov", + "prepublishOnly": "npm run build", + "test": "npm run test:only", + "test:cases": "tap test/*.js --coverage", + "test:git": "tap test/git-check-ignore.js", + "test:ignore": "tap test/ignore.js", + "test:lint": "eslint .", + "test:only": "npm run test:lint && npm run test:tsc && npm run test:ts && npm run test:cases", + "test:others": "tap test/others.js", + "test:ts": "node ./test/ts/simple.js", + "test:tsc": "tsc ./test/ts/simple.ts --lib ES6", + "test:win32": "IGNORE_TEST_WIN32=1 npm run test" + }, + "version": "5.1.4", + "readme": "\n \n \n \n \n \n \n \n\n \n \n \n \n
LinuxOS XWindowsCoverageDownloads
\n \n \n \n \n \n \n \n \n \n \n \n
\n\n# ignore\n\n`ignore` is a manager, filter and parser which implemented in pure JavaScript according to the .gitignore [spec](http://git-scm.com/docs/gitignore).\n\n`ignore` is used by eslint, gitbook and [many others](https://www.npmjs.com/browse/depended/ignore).\n\nPay attention that [`minimatch`](https://www.npmjs.org/package/minimatch) does not work in the gitignore way. To filter filenames according to .gitignore file, I recommend this module.\n\n### Tested on\n\n`ignore` is fully tested, and has more than **five hundreds** of unit tests.\n\n- Linux + Node: `0.8` - `7.x`\n- Windows + Node: `0.10` - `7.x`, node < `0.10` is not tested due to the lack of support of appveyor.\n\nActually, `ignore` does not rely on any versions of node specially.\n\nSince `4.0.0`, ignore will no longer support `node < 6` by default, to use in node < 6, `require('ignore/legacy')`. For details, see [CHANGELOG](https://github.com/kaelzhang/node-ignore/blob/master/CHANGELOG.md).\n\n## Table Of Main Contents\n\n- [Usage](#usage)\n- [`Pathname` Conventions](#pathname-conventions)\n- See Also:\n - [`glob-gitignore`](https://www.npmjs.com/package/glob-gitignore) matches files using patterns and filters them according to gitignore rules.\n- [Upgrade Guide](#upgrade-guide)\n\n## Install\n\n```sh\nnpm i ignore\n```\n\n## Usage\n\n```js\nimport ignore from 'ignore'\nconst ig = ignore().add(['.abc/*', '!.abc/d/'])\n```\n\n### Filter the given paths\n\n```js\nconst paths = [\n '.abc/a.js', // filtered out\n '.abc/d/e.js' // included\n]\n\nig.filter(paths) // ['.abc/d/e.js']\nig.ignores('.abc/a.js') // true\n```\n\n### As the filter function\n\n```js\npaths.filter(ig.createFilter()); // ['.abc/d/e.js']\n```\n\n### Win32 paths will be handled\n\n```js\nig.filter(['.abc\\\\a.js', '.abc\\\\d\\\\e.js'])\n// if the code above runs on windows, the result will be\n// ['.abc\\\\d\\\\e.js']\n```\n\n## Why another ignore?\n\n- `ignore` is a standalone module, and is much simpler so that it could easy work with other programs, unlike [isaacs](https://npmjs.org/~isaacs)'s [fstream-ignore](https://npmjs.org/package/fstream-ignore) which must work with the modules of the fstream family.\n\n- `ignore` only contains utility methods to filter paths according to the specified ignore rules, so\n - `ignore` never try to find out ignore rules by traversing directories or fetching from git configurations.\n - `ignore` don't cares about sub-modules of git projects.\n\n- Exactly according to [gitignore man page](http://git-scm.com/docs/gitignore), fixes some known matching issues of fstream-ignore, such as:\n - '`/*.js`' should only match '`a.js`', but not '`abc/a.js`'.\n - '`**/foo`' should match '`foo`' anywhere.\n - Prevent re-including a file if a parent directory of that file is excluded.\n - Handle trailing whitespaces:\n - `'a '`(one space) should not match `'a '`(two spaces).\n - `'a \\ '` matches `'a '`\n - All test cases are verified with the result of `git check-ignore`.\n\n# Methods\n\n## .add(pattern: string | Ignore): this\n## .add(patterns: Array): this\n\n- **pattern** `String | Ignore` An ignore pattern string, or the `Ignore` instance\n- **patterns** `Array` Array of ignore patterns.\n\nAdds a rule or several rules to the current manager.\n\nReturns `this`\n\nNotice that a line starting with `'#'`(hash) is treated as a comment. Put a backslash (`'\\'`) in front of the first hash for patterns that begin with a hash, if you want to ignore a file with a hash at the beginning of the filename.\n\n```js\nignore().add('#abc').ignores('#abc') // false\nignore().add('\\#abc').ignores('#abc') // true\n```\n\n`pattern` could either be a line of ignore pattern or a string of multiple ignore patterns, which means we could just `ignore().add()` the content of a ignore file:\n\n```js\nignore()\n.add(fs.readFileSync(filenameOfGitignore).toString())\n.filter(filenames)\n```\n\n`pattern` could also be an `ignore` instance, so that we could easily inherit the rules of another `Ignore` instance.\n\n## .addIgnoreFile(path)\n\nREMOVED in `3.x` for now.\n\nTo upgrade `ignore@2.x` up to `3.x`, use\n\n```js\nimport fs from 'fs'\n\nif (fs.existsSync(filename)) {\n ignore().add(fs.readFileSync(filename).toString())\n}\n```\n\ninstead.\n\n## .filter(paths: Array<Pathname>): Array<Pathname>\n\n```ts\ntype Pathname = string\n```\n\nFilters the given array of pathnames, and returns the filtered array.\n\n- **paths** `Array.` The array of `pathname`s to be filtered.\n\n### `Pathname` Conventions:\n\n#### 1. `Pathname` should be a `path.relative()`d pathname\n\n`Pathname` should be a string that have been `path.join()`ed, or the return value of `path.relative()` to the current directory,\n\n```js\n// WRONG, an error will be thrown\nig.ignores('./abc')\n\n// WRONG, for it will never happen, and an error will be thrown\n// If the gitignore rule locates at the root directory,\n// `'/abc'` should be changed to `'abc'`.\n// ```\n// path.relative('/', '/abc') -> 'abc'\n// ```\nig.ignores('/abc')\n\n// WRONG, that it is an absolute path on Windows, an error will be thrown\nig.ignores('C:\\\\abc')\n\n// Right\nig.ignores('abc')\n\n// Right\nig.ignores(path.join('./abc')) // path.join('./abc') -> 'abc'\n```\n\nIn other words, each `Pathname` here should be a relative path to the directory of the gitignore rules.\n\nSuppose the dir structure is:\n\n```\n/path/to/your/repo\n |-- a\n | |-- a.js\n |\n |-- .b\n |\n |-- .c\n |-- .DS_store\n```\n\nThen the `paths` might be like this:\n\n```js\n[\n 'a/a.js'\n '.b',\n '.c/.DS_store'\n]\n```\n\n#### 2. filenames and dirnames\n\n`node-ignore` does NO `fs.stat` during path matching, so for the example below:\n\n```js\n// First, we add a ignore pattern to ignore a directory\nig.add('config/')\n\n// `ig` does NOT know if 'config', in the real world,\n// is a normal file, directory or something.\n\nig.ignores('config')\n// `ig` treats `config` as a file, so it returns `false`\n\nig.ignores('config/')\n// returns `true`\n```\n\nSpecially for people who develop some library based on `node-ignore`, it is important to understand that.\n\nUsually, you could use [`glob`](http://npmjs.org/package/glob) with `option.mark = true` to fetch the structure of the current directory:\n\n```js\nimport glob from 'glob'\n\nglob('**', {\n // Adds a / character to directory matches.\n mark: true\n}, (err, files) => {\n if (err) {\n return console.error(err)\n }\n\n let filtered = ignore().add(patterns).filter(files)\n console.log(filtered)\n})\n```\n\n## .ignores(pathname: Pathname): boolean\n\n> new in 3.2.0\n\nReturns `Boolean` whether `pathname` should be ignored.\n\n```js\nig.ignores('.abc/a.js') // true\n```\n\n## .createFilter()\n\nCreates a filter function which could filter an array of paths with `Array.prototype.filter`.\n\nReturns `function(path)` the filter function.\n\n## .test(pathname: Pathname) since 5.0.0\n\nReturns `TestResult`\n\n```ts\ninterface TestResult {\n ignored: boolean\n // true if the `pathname` is finally unignored by some negative pattern\n unignored: boolean\n}\n```\n\n- `{ignored: true, unignored: false}`: the `pathname` is ignored\n- `{ignored: false, unignored: true}`: the `pathname` is unignored\n- `{ignored: false, unignored: false}`: the `pathname` is never matched by any ignore rules.\n\n## `options.ignorecase` since 4.0.0\n\nSimilar as the `core.ignorecase` option of [git-config](https://git-scm.com/docs/git-config), `node-ignore` will be case insensitive if `options.ignorecase` is set to `true` (the default value), otherwise case sensitive.\n\n```js\nconst ig = ignore({\n ignorecase: false\n})\n\nig.add('*.png')\n\nig.ignores('*.PNG') // false\n```\n\n## static `ignore.isPathValid(pathname): boolean` since 5.0.0\n\nCheck whether the `pathname` is valid according to the [convention](#1-pathname-should-be-a-pathrelatived-pathname).\n\n```js\nignore.isPathValid('./foo') // false\n```\n\n****\n\n# Upgrade Guide\n\n## Upgrade 4.x -> 5.x\n\nSince `5.0.0`, if an invalid `Pathname` passed into `ig.ignores()`, an error will be thrown, while `ignore < 5.0.0` did not make sure what the return value was, as well as\n\n```ts\n.ignores(pathname: Pathname): boolean\n\n.filter(pathnames: Array): Array\n\n.createFilter(): (pathname: Pathname) => boolean\n\n.test(pathname: Pathname): {ignored: boolean, unignored: boolean}\n```\n\nSee the convention [here](#1-pathname-should-be-a-pathrelatived-pathname) for details.\n\nIf there are invalid pathnames, the conversion and filtration should be done by users.\n\n```js\nimport {isPathValid} from 'ignore' // introduced in 5.0.0\n\nconst paths = [\n // invalid\n //////////////////\n '',\n false,\n '../foo',\n '.',\n //////////////////\n\n // valid\n 'foo'\n]\n.filter(isValidPath)\n\nig.filter(paths)\n```\n\n## Upgrade 3.x -> 4.x\n\nSince `4.0.0`, `ignore` will no longer support node < 6, to use `ignore` in node < 6:\n\n```js\nvar ignore = require('ignore/legacy')\n```\n\n## Upgrade 2.x -> 3.x\n\n- All `options` of 2.x are unnecessary and removed, so just remove them.\n- `ignore()` instance is no longer an [`EventEmitter`](nodejs.org/api/events.html), and all events are unnecessary and removed.\n- `.addIgnoreFile()` is removed, see the [.addIgnoreFile](#addignorefilepath) section for details.\n\n****\n\n# Collaborators\n\n- [@whitecolor](https://github.com/whitecolor) *Alex*\n- [@SamyPesse](https://github.com/SamyPesse) *Samy Pessé*\n- [@azproduction](https://github.com/azproduction) *Mikhail Davydov*\n- [@TrySound](https://github.com/TrySound) *Bogdan Chadkin*\n- [@JanMattner](https://github.com/JanMattner) *Jan Mattner*\n- [@ntwb](https://github.com/ntwb) *Stephen Edgar*\n- [@kasperisager](https://github.com/kasperisager) *Kasper Isager*\n- [@sandersn](https://github.com/sandersn) *Nathan Shively-Sanders*\n", + "readmeFilename": "README.md", + "dependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\ignore", + "error": "[Circular]", + "extraneous": false + } + }, + "version": "", + "readme": "ERROR: No README data found!", + "_id": "demo-package-integrity@", + "_shrinkwrap": { + "name": "demo-package-integrity", + "requires": true, + "lockfileVersion": 1, + "dependencies": { + "base64-js": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=" + }, + "buffer": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "requires": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "dependencies": { + "base64-js": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=" + } + } + }, + "ieee754": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=" + }, + "ignore": { + "version": "5.1.4", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==" + } + } + }, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": { + "buffer": "^5.4.3", + "ignore": "^5.1.4", + "base64-js": "1.0.1" + }, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project", + "error": "[Circular]", + "extraneous": false +} diff --git a/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm7_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm7_node22_macos-latest.json new file mode 100644 index 00000000..5bb815f5 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm7_node22_macos-latest.json @@ -0,0 +1,92 @@ +{ + "name": "demo-package-integrity", + "description": "demo: package-integrity -- packages with different integrity information.", + "private": true, + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "_dependencies": { + "buffer": "^5.4.3", + "ignore": "^5.1.4", + "base64-js": "1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "name": "base64-js", + "integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=", + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "_id": "base64-js@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "buffer": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "name": "buffer", + "integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "license": "MIT", + "_id": "buffer@5.4.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer", + "_dependencies": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "name": "base64-js", + "integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=", + "license": "MIT", + "_id": "base64-js@1.3.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer/node_modules/base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "ieee754": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "name": "ieee754", + "integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=", + "license": "BSD-3-Clause", + "_id": "ieee754@1.1.13", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ieee754", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "ignore": { + "version": "5.1.4", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "name": "ignore", + "integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==", + "license": "MIT", + "engines": { + "node": ">= 4" + }, + "_id": "ignore@5.1.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ignore", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm7_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm7_node22_ubuntu-latest.json new file mode 100644 index 00000000..0156ca8c --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm7_node22_ubuntu-latest.json @@ -0,0 +1,92 @@ +{ + "name": "demo-package-integrity", + "description": "demo: package-integrity -- packages with different integrity information.", + "private": true, + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "_dependencies": { + "buffer": "^5.4.3", + "ignore": "^5.1.4", + "base64-js": "1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "name": "base64-js", + "integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=", + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "_id": "base64-js@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "buffer": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "name": "buffer", + "integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "license": "MIT", + "_id": "buffer@5.4.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer", + "_dependencies": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "name": "base64-js", + "integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=", + "license": "MIT", + "_id": "base64-js@1.3.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer/node_modules/base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "ieee754": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "name": "ieee754", + "integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=", + "license": "BSD-3-Clause", + "_id": "ieee754@1.1.13", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ieee754", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "ignore": { + "version": "5.1.4", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "name": "ignore", + "integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==", + "license": "MIT", + "engines": { + "node": ">= 4" + }, + "_id": "ignore@5.1.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ignore", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm7_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm7_node22_windows-latest.json new file mode 100644 index 00000000..a79d96a6 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm7_node22_windows-latest.json @@ -0,0 +1,92 @@ +{ + "name": "demo-package-integrity", + "description": "demo: package-integrity -- packages with different integrity information.", + "private": true, + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project", + "_dependencies": { + "buffer": "^5.4.3", + "ignore": "^5.1.4", + "base64-js": "1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "name": "base64-js", + "integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=", + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "_id": "base64-js@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "buffer": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "name": "buffer", + "integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "license": "MIT", + "_id": "buffer@5.4.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\buffer", + "_dependencies": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "name": "base64-js", + "integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=", + "license": "MIT", + "_id": "base64-js@1.3.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\buffer\\node_modules\\base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "ieee754": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "name": "ieee754", + "integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=", + "license": "BSD-3-Clause", + "_id": "ieee754@1.1.13", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\ieee754", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "ignore": { + "version": "5.1.4", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "name": "ignore", + "integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==", + "license": "MIT", + "engines": { + "node": ">= 4" + }, + "_id": "ignore@5.1.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\ignore", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm8_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm8_node22_macos-latest.json new file mode 100644 index 00000000..51bd0291 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm8_node22_macos-latest.json @@ -0,0 +1,97 @@ +{ + "name": "demo-package-integrity", + "description": "demo: package-integrity -- packages with different integrity information.", + "private": true, + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "_dependencies": { + "buffer": "^5.4.3", + "ignore": "^5.1.4", + "base64-js": "1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=", + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "_id": "base64-js@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "buffer": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "overridden": false, + "name": "buffer", + "integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "license": "MIT", + "_id": "buffer@5.4.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer", + "_dependencies": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=", + "license": "MIT", + "_id": "base64-js@1.3.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer/node_modules/base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "ieee754": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "overridden": false, + "name": "ieee754", + "integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=", + "license": "BSD-3-Clause", + "_id": "ieee754@1.1.13", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ieee754", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "ignore": { + "version": "5.1.4", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "overridden": false, + "name": "ignore", + "integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==", + "license": "MIT", + "engines": { + "node": ">= 4" + }, + "_id": "ignore@5.1.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ignore", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm8_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm8_node22_ubuntu-latest.json new file mode 100644 index 00000000..f1614a36 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm8_node22_ubuntu-latest.json @@ -0,0 +1,97 @@ +{ + "name": "demo-package-integrity", + "description": "demo: package-integrity -- packages with different integrity information.", + "private": true, + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "_dependencies": { + "buffer": "^5.4.3", + "ignore": "^5.1.4", + "base64-js": "1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=", + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "_id": "base64-js@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "buffer": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "overridden": false, + "name": "buffer", + "integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "license": "MIT", + "_id": "buffer@5.4.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer", + "_dependencies": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=", + "license": "MIT", + "_id": "base64-js@1.3.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer/node_modules/base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "ieee754": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "overridden": false, + "name": "ieee754", + "integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=", + "license": "BSD-3-Clause", + "_id": "ieee754@1.1.13", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ieee754", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "ignore": { + "version": "5.1.4", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "overridden": false, + "name": "ignore", + "integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==", + "license": "MIT", + "engines": { + "node": ">= 4" + }, + "_id": "ignore@5.1.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ignore", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm8_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm8_node22_windows-latest.json new file mode 100644 index 00000000..72a9a672 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm8_node22_windows-latest.json @@ -0,0 +1,97 @@ +{ + "name": "demo-package-integrity", + "description": "demo: package-integrity -- packages with different integrity information.", + "private": true, + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project", + "_dependencies": { + "buffer": "^5.4.3", + "ignore": "^5.1.4", + "base64-js": "1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=", + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "_id": "base64-js@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "buffer": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "overridden": false, + "name": "buffer", + "integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "license": "MIT", + "_id": "buffer@5.4.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\buffer", + "_dependencies": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=", + "license": "MIT", + "_id": "base64-js@1.3.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\buffer\\node_modules\\base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "ieee754": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "overridden": false, + "name": "ieee754", + "integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=", + "license": "BSD-3-Clause", + "_id": "ieee754@1.1.13", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\ieee754", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "ignore": { + "version": "5.1.4", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "overridden": false, + "name": "ignore", + "integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==", + "license": "MIT", + "engines": { + "node": ">= 4" + }, + "_id": "ignore@5.1.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\ignore", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm9_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm9_node22_macos-latest.json new file mode 100644 index 00000000..51bd0291 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm9_node22_macos-latest.json @@ -0,0 +1,97 @@ +{ + "name": "demo-package-integrity", + "description": "demo: package-integrity -- packages with different integrity information.", + "private": true, + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "_dependencies": { + "buffer": "^5.4.3", + "ignore": "^5.1.4", + "base64-js": "1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=", + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "_id": "base64-js@1.0.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "buffer": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "overridden": false, + "name": "buffer", + "integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "license": "MIT", + "_id": "buffer@5.4.3", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer", + "_dependencies": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=", + "license": "MIT", + "_id": "base64-js@1.3.1", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer/node_modules/base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "ieee754": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "overridden": false, + "name": "ieee754", + "integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=", + "license": "BSD-3-Clause", + "_id": "ieee754@1.1.13", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ieee754", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "ignore": { + "version": "5.1.4", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "overridden": false, + "name": "ignore", + "integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==", + "license": "MIT", + "engines": { + "node": ">= 4" + }, + "_id": "ignore@5.1.4", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ignore", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm9_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm9_node22_ubuntu-latest.json new file mode 100644 index 00000000..f1614a36 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm9_node22_ubuntu-latest.json @@ -0,0 +1,97 @@ +{ + "name": "demo-package-integrity", + "description": "demo: package-integrity -- packages with different integrity information.", + "private": true, + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project", + "_dependencies": { + "buffer": "^5.4.3", + "ignore": "^5.1.4", + "base64-js": "1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=", + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "_id": "base64-js@1.0.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "buffer": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "overridden": false, + "name": "buffer", + "integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "license": "MIT", + "_id": "buffer@5.4.3", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer", + "_dependencies": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=", + "license": "MIT", + "_id": "base64-js@1.3.1", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/buffer/node_modules/base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "ieee754": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "overridden": false, + "name": "ieee754", + "integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=", + "license": "BSD-3-Clause", + "_id": "ieee754@1.1.13", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ieee754", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "ignore": { + "version": "5.1.4", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "overridden": false, + "name": "ignore", + "integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==", + "license": "MIT", + "engines": { + "node": ">= 4" + }, + "_id": "ignore@5.1.4", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-integrity/project/node_modules/ignore", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm9_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm9_node22_windows-latest.json new file mode 100644 index 00000000..72a9a672 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-integrity/CI_results/npm-ls_npm9_node22_windows-latest.json @@ -0,0 +1,97 @@ +{ + "name": "demo-package-integrity", + "description": "demo: package-integrity -- packages with different integrity information.", + "private": true, + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project", + "_dependencies": { + "buffer": "^5.4.3", + "ignore": "^5.1.4", + "base64-js": "1.0.1" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-aSbRsZT7xze47tUTdW3i/Np+pAg=", + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "_id": "base64-js@1.0.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "buffer": { + "version": "5.4.3", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "overridden": false, + "name": "buffer", + "integrity": "sha384-5h1Ji04NR2cbjiY1Shby16SPB3BEtCSWxVGdwPX+AOeweYK1SAjyLLgbJ4mXAAVU", + "license": "MIT", + "_id": "buffer@5.4.3", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\buffer", + "_dependencies": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + }, + "devDependencies": {}, + "peerDependencies": {}, + "dependencies": { + "base64-js": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "overridden": false, + "name": "base64-js", + "integrity": "sha1-WOzoy3XdB+ce0IxzarxfrE2/jfE=", + "license": "MIT", + "_id": "base64-js@1.3.1", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\buffer\\node_modules\\base64-js", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + }, + "ieee754": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "overridden": false, + "name": "ieee754", + "integrity": "sha256-YD5rTEDaFVG7qr6KqKSzX2LxMrC2DpmQalnwrQTUeuI=", + "license": "BSD-3-Clause", + "_id": "ieee754@1.1.13", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\ieee754", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } + }, + "ignore": { + "version": "5.1.4", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "overridden": false, + "name": "ignore", + "integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==", + "license": "MIT", + "engines": { + "node": ">= 4" + }, + "_id": "ignore@5.1.4", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-integrity\\project\\node_modules\\ignore", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} + } + } +} diff --git a/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm10_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm10_node22_macos-latest.json new file mode 100644 index 00000000..9a3a0604 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm10_node22_macos-latest.json @@ -0,0 +1,13 @@ +{ + "version": "1.0.0-123+456", + "name": "demo-package-with-build-id", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "private": true, + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "_id": "demo-package-with-build-id@1.0.0-123+456", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-with-build-id/project", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} +} diff --git a/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm10_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm10_node22_ubuntu-latest.json new file mode 100644 index 00000000..d5e4889e --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm10_node22_ubuntu-latest.json @@ -0,0 +1,13 @@ +{ + "version": "1.0.0-123+456", + "name": "demo-package-with-build-id", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "private": true, + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "_id": "demo-package-with-build-id@1.0.0-123+456", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-with-build-id/project", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} +} diff --git a/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm10_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm10_node22_windows-latest.json new file mode 100644 index 00000000..3cbd03d6 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm10_node22_windows-latest.json @@ -0,0 +1,13 @@ +{ + "version": "1.0.0-123+456", + "name": "demo-package-with-build-id", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "private": true, + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "_id": "demo-package-with-build-id@1.0.0-123+456", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-with-build-id\\project", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} +} diff --git a/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm6_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm6_node22_macos-latest.json new file mode 100644 index 00000000..238e066f --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm6_node22_macos-latest.json @@ -0,0 +1,21 @@ +{ + "name": "demo-package-with-build-id", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "private": true, + "version": "1.0.0-123", + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "readme": "ERROR: No README data found!", + "_id": "demo-package-with-build-id@1.0.0-123", + "_shrinkwrap": { + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "lockfileVersion": 1 + }, + "dependencies": {}, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-with-build-id/project", + "error": null, + "extraneous": false +} diff --git a/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm6_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm6_node22_ubuntu-latest.json new file mode 100644 index 00000000..4791f27c --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm6_node22_ubuntu-latest.json @@ -0,0 +1,21 @@ +{ + "name": "demo-package-with-build-id", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "private": true, + "version": "1.0.0-123", + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "readme": "ERROR: No README data found!", + "_id": "demo-package-with-build-id@1.0.0-123", + "_shrinkwrap": { + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "lockfileVersion": 1 + }, + "dependencies": {}, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-with-build-id/project", + "error": null, + "extraneous": false +} diff --git a/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm6_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm6_node22_windows-latest.json new file mode 100644 index 00000000..e71bfb32 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm6_node22_windows-latest.json @@ -0,0 +1,21 @@ +{ + "name": "demo-package-with-build-id", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "private": true, + "version": "1.0.0-123", + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "readme": "ERROR: No README data found!", + "_id": "demo-package-with-build-id@1.0.0-123", + "_shrinkwrap": { + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "lockfileVersion": 1 + }, + "dependencies": {}, + "devDependencies": {}, + "optionalDependencies": {}, + "_dependencies": {}, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-with-build-id\\project", + "error": null, + "extraneous": false +} diff --git a/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm7_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm7_node22_macos-latest.json new file mode 100644 index 00000000..9a3a0604 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm7_node22_macos-latest.json @@ -0,0 +1,13 @@ +{ + "version": "1.0.0-123+456", + "name": "demo-package-with-build-id", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "private": true, + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "_id": "demo-package-with-build-id@1.0.0-123+456", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-with-build-id/project", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} +} diff --git a/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm7_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm7_node22_ubuntu-latest.json new file mode 100644 index 00000000..d5e4889e --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm7_node22_ubuntu-latest.json @@ -0,0 +1,13 @@ +{ + "version": "1.0.0-123+456", + "name": "demo-package-with-build-id", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "private": true, + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "_id": "demo-package-with-build-id@1.0.0-123+456", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-with-build-id/project", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} +} diff --git a/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm7_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm7_node22_windows-latest.json new file mode 100644 index 00000000..3cbd03d6 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm7_node22_windows-latest.json @@ -0,0 +1,13 @@ +{ + "version": "1.0.0-123+456", + "name": "demo-package-with-build-id", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "private": true, + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "_id": "demo-package-with-build-id@1.0.0-123+456", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-with-build-id\\project", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} +} diff --git a/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm8_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm8_node22_macos-latest.json new file mode 100644 index 00000000..9a3a0604 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm8_node22_macos-latest.json @@ -0,0 +1,13 @@ +{ + "version": "1.0.0-123+456", + "name": "demo-package-with-build-id", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "private": true, + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "_id": "demo-package-with-build-id@1.0.0-123+456", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-with-build-id/project", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} +} diff --git a/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm8_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm8_node22_ubuntu-latest.json new file mode 100644 index 00000000..d5e4889e --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm8_node22_ubuntu-latest.json @@ -0,0 +1,13 @@ +{ + "version": "1.0.0-123+456", + "name": "demo-package-with-build-id", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "private": true, + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "_id": "demo-package-with-build-id@1.0.0-123+456", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-with-build-id/project", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} +} diff --git a/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm8_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm8_node22_windows-latest.json new file mode 100644 index 00000000..3cbd03d6 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm8_node22_windows-latest.json @@ -0,0 +1,13 @@ +{ + "version": "1.0.0-123+456", + "name": "demo-package-with-build-id", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "private": true, + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "_id": "demo-package-with-build-id@1.0.0-123+456", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-with-build-id\\project", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} +} diff --git a/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm9_node22_macos-latest.json b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm9_node22_macos-latest.json new file mode 100644 index 00000000..9a3a0604 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm9_node22_macos-latest.json @@ -0,0 +1,13 @@ +{ + "version": "1.0.0-123+456", + "name": "demo-package-with-build-id", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "private": true, + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "_id": "demo-package-with-build-id@1.0.0-123+456", + "extraneous": false, + "path": "/Users/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-with-build-id/project", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} +} diff --git a/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm9_node22_ubuntu-latest.json b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm9_node22_ubuntu-latest.json new file mode 100644 index 00000000..d5e4889e --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm9_node22_ubuntu-latest.json @@ -0,0 +1,13 @@ +{ + "version": "1.0.0-123+456", + "name": "demo-package-with-build-id", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "private": true, + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "_id": "demo-package-with-build-id@1.0.0-123+456", + "extraneous": false, + "path": "/home/runner/work/cyclonedx-node-npm/cyclonedx-node-npm/demo/package-with-build-id/project", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} +} diff --git a/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm9_node22_windows-latest.json b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm9_node22_windows-latest.json new file mode 100644 index 00000000..3cbd03d6 --- /dev/null +++ b/tests/_data/npm-ls_demo-results/package-with-build-id/CI_results/npm-ls_npm9_node22_windows-latest.json @@ -0,0 +1,13 @@ +{ + "version": "1.0.0-123+456", + "name": "demo-package-with-build-id", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "private": true, + "homepage": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "_id": "demo-package-with-build-id@1.0.0-123+456", + "extraneous": false, + "path": "D:\\a\\cyclonedx-node-npm\\cyclonedx-node-npm\\demo\\package-with-build-id\\project", + "_dependencies": {}, + "devDependencies": {}, + "peerDependencies": {} +} diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node22_macos-latest.snap.json new file mode 100644 index 00000000..740787e5 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node22_macos-latest.snap.json @@ -0,0 +1,1593 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..740787e5 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node22_ubuntu-latest.snap.json @@ -0,0 +1,1593 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node22_windows-latest.snap.json new file mode 100644 index 00000000..860b03aa --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node22_windows-latest.snap.json @@ -0,0 +1,1593 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs" + } + ] + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node22_macos-latest.snap.json new file mode 100644 index 00000000..e0379458 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node22_macos-latest.snap.json @@ -0,0 +1,2813 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "author": "Gajus Kuizinas", + "description": "Generates bundledDependencies package.json value using values of the dependencies property.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/gajus/bundle-dependencies/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/gajus/bundle-dependencies.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gajus/bundle-dependencies#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "author": "Sindre Sorhus", + "description": "List of the Node.js builtin modules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-1.1.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/builtin-modules.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase: foo-bar → fooBar", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/cliui/-/cliui-3.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/bcoe/cliui", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "author": "Sindre Sorhus", + "description": "ES2015 String#codePointAt() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/code-point-at/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/code-point-at.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/code-point-at", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "author": "Sindre Sorhus", + "description": "Convert a camelized string into a lowercased one with a custom separator: unicornRainbow → unicorn_rainbow", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/decamelize/-/decamelize-1.1.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/decamelize.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "description": "Easy error subclassing and stack customization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/qix-/node-error-ex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/qix-/node-error-ex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-error-ex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "author": "Sindre Sorhus", + "description": "Find a file by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/find-up/-/find-up-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "description": "A drop-in replacement for fs, making various improvements.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/isaacs/node-graceful-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "author": "Rebecca Turner", + "description": "Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.1.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "author": "Sindre Sorhus", + "description": "Invert the key/value of an object. Example: {foo: 'bar'} → {bar: 'foo'}", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/invert-kv/-/invert-kv-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/invert-kv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/invert-kv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/invert-kv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "author": "Qix", + "description": "Determines if an object can be used as an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/qix-/node-is-arrayish.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "author": "Sindre Sorhus", + "description": "Check if a string matches the name of a Node.js builtin module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/is-builtin-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "author": "Sindre Sorhus", + "description": "Check if the character represented by a given Unicode code point is fullwidth", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/is-fullwidth-code-point.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "author": "wayfind", + "description": "Detect if a buffer is utf8 encoded.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/wayfind/is-utf8/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/wayfind/is-utf8.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wayfind/is-utf8#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "author": "Sindre Sorhus", + "description": "Mapping between standard locale identifiers and Windows locale identifiers (LCID)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lcid/-/lcid-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/lcid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/lcid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/lcid", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "author": "Sindre Sorhus", + "description": "Read and parse a JSON file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/load-json-file/-/load-json-file-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/load-json-file/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/load-json-file.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/load-json-file", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "author": "John-David Dalton", + "description": "The lodash method `_.assign` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.0.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "author": "John-David Dalton", + "description": "The lodash method `_.keys` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.keys/-/lodash.keys-4.0.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "author": "John-David Dalton", + "description": "The lodash method `_.rest` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.rest/-/lodash.rest-4.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "author": "Meryn Stol", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.3.5.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "author": "Sindre Sorhus", + "description": "ES6 Number.isNaN() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/number-is-nan/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/number-is-nan.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/number-is-nan#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "author": "Sindre Sorhus", + "description": "ES6 Object.assign() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/object-assign/-/object-assign-4.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/object-assign.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "author": "Sindre Sorhus", + "description": "Get the system locale", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/os-locale/-/os-locale-1.4.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/os-locale/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/os-locale.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/os-locale", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "author": "Sindre Sorhus", + "description": "Parse JSON with more helpful errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/parse-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if a path exists", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/path-exists/-/path-exists-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/path-exists.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "author": "Sindre Sorhus", + "description": "Check if a path is a file, directory, or symlink", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/path-type/-/path-type-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/path-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/path-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-type", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "author": "Sindre Sorhus", + "description": "Promisify a callback-style function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/pify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/pify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "author": "Vsevolod Strukchinsky", + "description": "ES2015 Promise ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/floatdrop/pinkie-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/floatdrop/pinkie-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/pinkie-promise", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "author": "Vsevolod Strukchinsky", + "description": "Itty bitty little widdle twinkie pinkie ES2015 Promise implementation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pinkie/-/pinkie-2.0.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/floatdrop/pinkie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/floatdrop/pinkie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/pinkie", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "author": "Sindre Sorhus", + "description": "Get namespaced config from the closest package.json", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pkg-conf/-/pkg-conf-1.1.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-conf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/pkg-conf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-conf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "author": "Sindre Sorhus", + "description": "Read the closest package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/read-pkg-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "author": "Sindre Sorhus", + "description": "Read a package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/read-pkg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "author": "Ben Coe", + "description": "shim for require.main.filename() that works in as many environments as possible", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/yargs/require-main-filename/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/yargs/require-main-filename.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/require-main-filename#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/semver/-/semver-5.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "author": "Kyle E. Mitchell", + "description": "correct invalid SPDX identifiers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-1.0.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-correct.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-correct.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-correct.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "author": "The Linux Foundation", + "description": "list of SPDX standard license exceptions", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-1.0.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-exceptions.json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-1.0.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "author": "Shinnosuke Watanabe", + "description": "A list of SPDX license identifiers", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-1.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/shinnn/spdx-license-ids/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/shinnn/spdx-license-ids.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/shinnn/spdx-license-ids#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a string/buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/strip-bom/-/strip-bom-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/strip-bom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "author": "Sean McArthur", + "description": "ES6 Symbols in your ES5.", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/symbol/-/symbol-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/seanmonstar/symbol/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/seanmonstar/symbol.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/seanmonstar/symbol#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "author": "Kyle E. Mitchell", + "description": "Give me a string and I'll tell you if it's a valid npm package license string", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/validate-npm-package-license.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "author": "Jon Schlinkert", + "description": "Reliable way to to get the height and width of the terminal/console in a node.js environment.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/window-size/-/window-size-0.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/jonschlinkert/window-size/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/jonschlinkert/window-size.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/window-size", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "author": "Ben Coe", + "description": "the bare-bones internationalization library used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/y18n/-/y18n-3.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/y18n/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/y18n.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/bcoe/y18n", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "description": "Light-weight option parsing with an argv hash. No optstrings attached.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/yargs/-/yargs-4.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/yargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/yargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://yargs.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..e0379458 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node22_ubuntu-latest.snap.json @@ -0,0 +1,2813 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "author": "Gajus Kuizinas", + "description": "Generates bundledDependencies package.json value using values of the dependencies property.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/gajus/bundle-dependencies/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/gajus/bundle-dependencies.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gajus/bundle-dependencies#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "author": "Sindre Sorhus", + "description": "List of the Node.js builtin modules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-1.1.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/builtin-modules.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase: foo-bar → fooBar", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/cliui/-/cliui-3.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/bcoe/cliui", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "author": "Sindre Sorhus", + "description": "ES2015 String#codePointAt() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/code-point-at/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/code-point-at.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/code-point-at", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "author": "Sindre Sorhus", + "description": "Convert a camelized string into a lowercased one with a custom separator: unicornRainbow → unicorn_rainbow", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/decamelize/-/decamelize-1.1.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/decamelize.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "description": "Easy error subclassing and stack customization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/qix-/node-error-ex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/qix-/node-error-ex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-error-ex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "author": "Sindre Sorhus", + "description": "Find a file by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/find-up/-/find-up-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "description": "A drop-in replacement for fs, making various improvements.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/isaacs/node-graceful-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "author": "Rebecca Turner", + "description": "Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.1.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "author": "Sindre Sorhus", + "description": "Invert the key/value of an object. Example: {foo: 'bar'} → {bar: 'foo'}", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/invert-kv/-/invert-kv-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/invert-kv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/invert-kv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/invert-kv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "author": "Qix", + "description": "Determines if an object can be used as an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/qix-/node-is-arrayish.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "author": "Sindre Sorhus", + "description": "Check if a string matches the name of a Node.js builtin module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/is-builtin-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "author": "Sindre Sorhus", + "description": "Check if the character represented by a given Unicode code point is fullwidth", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/is-fullwidth-code-point.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "author": "wayfind", + "description": "Detect if a buffer is utf8 encoded.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/wayfind/is-utf8/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/wayfind/is-utf8.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wayfind/is-utf8#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "author": "Sindre Sorhus", + "description": "Mapping between standard locale identifiers and Windows locale identifiers (LCID)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lcid/-/lcid-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/lcid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/lcid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/lcid", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "author": "Sindre Sorhus", + "description": "Read and parse a JSON file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/load-json-file/-/load-json-file-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/load-json-file/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/load-json-file.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/load-json-file", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "author": "John-David Dalton", + "description": "The lodash method `_.assign` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.0.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "author": "John-David Dalton", + "description": "The lodash method `_.keys` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.keys/-/lodash.keys-4.0.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "author": "John-David Dalton", + "description": "The lodash method `_.rest` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.rest/-/lodash.rest-4.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "author": "Meryn Stol", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.3.5.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "author": "Sindre Sorhus", + "description": "ES6 Number.isNaN() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/number-is-nan/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/number-is-nan.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/number-is-nan#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "author": "Sindre Sorhus", + "description": "ES6 Object.assign() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/object-assign/-/object-assign-4.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/object-assign.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "author": "Sindre Sorhus", + "description": "Get the system locale", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/os-locale/-/os-locale-1.4.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/os-locale/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/os-locale.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/os-locale", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "author": "Sindre Sorhus", + "description": "Parse JSON with more helpful errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/parse-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if a path exists", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/path-exists/-/path-exists-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/path-exists.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "author": "Sindre Sorhus", + "description": "Check if a path is a file, directory, or symlink", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/path-type/-/path-type-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/path-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/path-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-type", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "author": "Sindre Sorhus", + "description": "Promisify a callback-style function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/pify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/pify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "author": "Vsevolod Strukchinsky", + "description": "ES2015 Promise ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/floatdrop/pinkie-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/floatdrop/pinkie-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/pinkie-promise", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "author": "Vsevolod Strukchinsky", + "description": "Itty bitty little widdle twinkie pinkie ES2015 Promise implementation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pinkie/-/pinkie-2.0.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/floatdrop/pinkie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/floatdrop/pinkie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/pinkie", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "author": "Sindre Sorhus", + "description": "Get namespaced config from the closest package.json", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pkg-conf/-/pkg-conf-1.1.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-conf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/pkg-conf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-conf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "author": "Sindre Sorhus", + "description": "Read the closest package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/read-pkg-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "author": "Sindre Sorhus", + "description": "Read a package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/read-pkg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "author": "Ben Coe", + "description": "shim for require.main.filename() that works in as many environments as possible", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/yargs/require-main-filename/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/yargs/require-main-filename.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/require-main-filename#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/semver/-/semver-5.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "author": "Kyle E. Mitchell", + "description": "correct invalid SPDX identifiers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-1.0.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-correct.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-correct.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-correct.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "author": "The Linux Foundation", + "description": "list of SPDX standard license exceptions", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-1.0.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-exceptions.json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-1.0.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "author": "Shinnosuke Watanabe", + "description": "A list of SPDX license identifiers", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-1.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/shinnn/spdx-license-ids/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/shinnn/spdx-license-ids.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/shinnn/spdx-license-ids#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a string/buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/strip-bom/-/strip-bom-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/strip-bom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "author": "Sean McArthur", + "description": "ES6 Symbols in your ES5.", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/symbol/-/symbol-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/seanmonstar/symbol/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/seanmonstar/symbol.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/seanmonstar/symbol#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "author": "Kyle E. Mitchell", + "description": "Give me a string and I'll tell you if it's a valid npm package license string", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/validate-npm-package-license.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "author": "Jon Schlinkert", + "description": "Reliable way to to get the height and width of the terminal/console in a node.js environment.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/window-size/-/window-size-0.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/jonschlinkert/window-size/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/jonschlinkert/window-size.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/window-size", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "author": "Ben Coe", + "description": "the bare-bones internationalization library used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/y18n/-/y18n-3.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/y18n/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/y18n.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/bcoe/y18n", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "description": "Light-weight option parsing with an argv hash. No optstrings attached.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/yargs/-/yargs-4.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/yargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/yargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://yargs.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node22_windows-latest.snap.json new file mode 100644 index 00000000..f4b58734 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node22_windows-latest.snap.json @@ -0,0 +1,2813 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "author": "Gajus Kuizinas", + "description": "Generates bundledDependencies package.json value using values of the dependencies property.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/gajus/bundle-dependencies/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/gajus/bundle-dependencies.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gajus/bundle-dependencies#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "author": "Sindre Sorhus", + "description": "List of the Node.js builtin modules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-1.1.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/builtin-modules.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase: foo-bar → fooBar", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/cliui/-/cliui-3.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/bcoe/cliui", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "author": "Sindre Sorhus", + "description": "ES2015 String#codePointAt() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/code-point-at/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/code-point-at.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/code-point-at", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "author": "Sindre Sorhus", + "description": "Convert a camelized string into a lowercased one with a custom separator: unicornRainbow → unicorn_rainbow", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/decamelize/-/decamelize-1.1.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/decamelize.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "description": "Easy error subclassing and stack customization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/qix-/node-error-ex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/qix-/node-error-ex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-error-ex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "author": "Sindre Sorhus", + "description": "Find a file by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/find-up/-/find-up-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "description": "A drop-in replacement for fs, making various improvements.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/isaacs/node-graceful-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "author": "Rebecca Turner", + "description": "Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.1.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "author": "Sindre Sorhus", + "description": "Invert the key/value of an object. Example: {foo: 'bar'} → {bar: 'foo'}", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/invert-kv/-/invert-kv-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/invert-kv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/invert-kv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/invert-kv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "author": "Qix", + "description": "Determines if an object can be used as an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/qix-/node-is-arrayish.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "author": "Sindre Sorhus", + "description": "Check if a string matches the name of a Node.js builtin module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/is-builtin-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "author": "Sindre Sorhus", + "description": "Check if the character represented by a given Unicode code point is fullwidth", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/is-fullwidth-code-point.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "author": "wayfind", + "description": "Detect if a buffer is utf8 encoded.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/wayfind/is-utf8/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/wayfind/is-utf8.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wayfind/is-utf8#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "author": "Sindre Sorhus", + "description": "Mapping between standard locale identifiers and Windows locale identifiers (LCID)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lcid/-/lcid-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/lcid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/lcid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/lcid", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "author": "Sindre Sorhus", + "description": "Read and parse a JSON file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/load-json-file/-/load-json-file-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/load-json-file/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/load-json-file.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/load-json-file", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "author": "John-David Dalton", + "description": "The lodash method `_.assign` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.0.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "author": "John-David Dalton", + "description": "The lodash method `_.keys` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.keys/-/lodash.keys-4.0.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "author": "John-David Dalton", + "description": "The lodash method `_.rest` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.rest/-/lodash.rest-4.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "author": "Meryn Stol", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.3.5.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "author": "Sindre Sorhus", + "description": "ES6 Number.isNaN() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/number-is-nan/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/number-is-nan.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/number-is-nan#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "author": "Sindre Sorhus", + "description": "ES6 Object.assign() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/object-assign/-/object-assign-4.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/object-assign.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "author": "Sindre Sorhus", + "description": "Get the system locale", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/os-locale/-/os-locale-1.4.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/os-locale/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/os-locale.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/os-locale", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "author": "Sindre Sorhus", + "description": "Parse JSON with more helpful errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/parse-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if a path exists", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/path-exists/-/path-exists-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/path-exists.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "author": "Sindre Sorhus", + "description": "Check if a path is a file, directory, or symlink", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/path-type/-/path-type-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/path-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/path-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-type", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "author": "Sindre Sorhus", + "description": "Promisify a callback-style function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/pify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/pify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "author": "Vsevolod Strukchinsky", + "description": "ES2015 Promise ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/floatdrop/pinkie-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/floatdrop/pinkie-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/pinkie-promise", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "author": "Vsevolod Strukchinsky", + "description": "Itty bitty little widdle twinkie pinkie ES2015 Promise implementation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pinkie/-/pinkie-2.0.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/floatdrop/pinkie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/floatdrop/pinkie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/pinkie", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "author": "Sindre Sorhus", + "description": "Get namespaced config from the closest package.json", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pkg-conf/-/pkg-conf-1.1.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-conf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/pkg-conf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-conf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "author": "Sindre Sorhus", + "description": "Read the closest package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/read-pkg-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "author": "Sindre Sorhus", + "description": "Read a package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/read-pkg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "author": "Ben Coe", + "description": "shim for require.main.filename() that works in as many environments as possible", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/yargs/require-main-filename/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/yargs/require-main-filename.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/require-main-filename#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/semver/-/semver-5.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "author": "Kyle E. Mitchell", + "description": "correct invalid SPDX identifiers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-1.0.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-correct.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-correct.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-correct.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "author": "The Linux Foundation", + "description": "list of SPDX standard license exceptions", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-1.0.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-exceptions.json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-1.0.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "author": "Shinnosuke Watanabe", + "description": "A list of SPDX license identifiers", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-1.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/shinnn/spdx-license-ids/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/shinnn/spdx-license-ids.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/shinnn/spdx-license-ids#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a string/buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/strip-bom/-/strip-bom-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/strip-bom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "author": "Sean McArthur", + "description": "ES6 Symbols in your ES5.", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/symbol/-/symbol-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/seanmonstar/symbol/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/seanmonstar/symbol.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/seanmonstar/symbol#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "author": "Kyle E. Mitchell", + "description": "Give me a string and I'll tell you if it's a valid npm package license string", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/validate-npm-package-license.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "author": "Jon Schlinkert", + "description": "Reliable way to to get the height and width of the terminal/console in a node.js environment.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/window-size/-/window-size-0.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/jonschlinkert/window-size/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/jonschlinkert/window-size.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/window-size", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "author": "Ben Coe", + "description": "the bare-bones internationalization library used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/y18n/-/y18n-3.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/y18n/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/y18n.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/bcoe/y18n", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "description": "Light-weight option parsing with an argv hash. No optstrings attached.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/yargs/-/yargs-4.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/yargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/yargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://yargs.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs" + } + ] + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node22_macos-latest.snap.json new file mode 100644 index 00000000..a97e708e --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node22_macos-latest.snap.json @@ -0,0 +1,1593 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..a97e708e --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node22_ubuntu-latest.snap.json @@ -0,0 +1,1593 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node22_windows-latest.snap.json new file mode 100644 index 00000000..a429d200 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node22_windows-latest.snap.json @@ -0,0 +1,1593 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs" + } + ] + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node22_macos-latest.snap.json new file mode 100644 index 00000000..21669391 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node22_macos-latest.snap.json @@ -0,0 +1,1593 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..21669391 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node22_ubuntu-latest.snap.json @@ -0,0 +1,1593 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node22_windows-latest.snap.json new file mode 100644 index 00000000..2988dbc2 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node22_windows-latest.snap.json @@ -0,0 +1,1593 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs" + } + ] + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node22_macos-latest.snap.json new file mode 100644 index 00000000..a47a8fb5 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node22_macos-latest.snap.json @@ -0,0 +1,1593 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..a47a8fb5 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node22_ubuntu-latest.snap.json @@ -0,0 +1,1593 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node22_windows-latest.snap.json new file mode 100644 index 00000000..631134c8 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node22_windows-latest.snap.json @@ -0,0 +1,1593 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs" + } + ] + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_macos-latest.snap.json new file mode 100644 index 00000000..303314d9 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_macos-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..303314d9 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_ubuntu-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_windows-latest.snap.json new file mode 100644 index 00000000..ed128b1a --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_windows-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_macos-latest.snap.json new file mode 100644 index 00000000..119f478f --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_macos-latest.snap.json @@ -0,0 +1,374 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "description": "TypeScript definitions for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/node@20.12.8#types/node", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "description": "TypeScript definitions for uuid", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/uuid@8.3.4#types/uuid", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/uuid", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "description": "A stand-alone types package for Undici", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/nodejs/undici/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/nodejs/undici.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://undici.nodejs.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "description": "RFC4122 (v1, v4, and v5) UUIDs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/uuidjs/uuid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/uuidjs/uuid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/uuidjs/uuid#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "description": "uuidv4 creates v4 UUIDs.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/thenativeweb/uuidv4/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/thenativeweb/uuidv4.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thenativeweb/uuidv4#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..119f478f --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_ubuntu-latest.snap.json @@ -0,0 +1,374 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "description": "TypeScript definitions for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/node@20.12.8#types/node", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "description": "TypeScript definitions for uuid", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/uuid@8.3.4#types/uuid", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/uuid", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "description": "A stand-alone types package for Undici", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/nodejs/undici/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/nodejs/undici.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://undici.nodejs.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "description": "RFC4122 (v1, v4, and v5) UUIDs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/uuidjs/uuid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/uuidjs/uuid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/uuidjs/uuid#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "description": "uuidv4 creates v4 UUIDs.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/thenativeweb/uuidv4/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/thenativeweb/uuidv4.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thenativeweb/uuidv4#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_windows-latest.snap.json new file mode 100644 index 00000000..95e284b4 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_windows-latest.snap.json @@ -0,0 +1,374 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "description": "TypeScript definitions for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/node@20.12.8#types/node", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "description": "TypeScript definitions for uuid", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/uuid@8.3.4#types/uuid", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/uuid", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "description": "A stand-alone types package for Undici", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/nodejs/undici/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/nodejs/undici.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://undici.nodejs.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "description": "RFC4122 (v1, v4, and v5) UUIDs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/uuidjs/uuid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/uuidjs/uuid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/uuidjs/uuid#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "description": "uuidv4 creates v4 UUIDs.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/thenativeweb/uuidv4/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/thenativeweb/uuidv4.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thenativeweb/uuidv4#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_macos-latest.snap.json new file mode 100644 index 00000000..f19976c8 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_macos-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..f19976c8 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_ubuntu-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_windows-latest.snap.json new file mode 100644 index 00000000..0ba9a42e --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_windows-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_macos-latest.snap.json new file mode 100644 index 00000000..f61cfcf1 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_macos-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..f61cfcf1 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_ubuntu-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_windows-latest.snap.json new file mode 100644 index 00000000..5959c6d8 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_windows-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_macos-latest.snap.json new file mode 100644 index 00000000..3d7ffb56 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_macos-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..3d7ffb56 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_ubuntu-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_windows-latest.snap.json new file mode 100644 index 00000000..46b44e8d --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_windows-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node22_macos-latest.snap.json new file mode 100644 index 00000000..621c47a1 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node22_macos-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..621c47a1 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node22_ubuntu-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node22_windows-latest.snap.json new file mode 100644 index 00000000..621c47a1 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node22_windows-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node22_macos-latest.snap.json new file mode 100644 index 00000000..3f252d96 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node22_macos-latest.snap.json @@ -0,0 +1,179 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "description": "demo: my-local-a", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "description": "demo: my-local-b-off - a package with a different name than its dir", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "DummyComponent.InterferedDependency.my-noname", + "bom-ref": "DummyComponent.InterferedDependency.my-noname", + "description": "This is a dummy component \"InterferedDependency.my-noname\" that fills the gap where the actual built failed." + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "DummyComponent.InterferedDependency.my-noname", + "my-local-a@0.0.0" + ] + }, + { + "ref": "DummyComponent.InterferedDependency.my-noname" + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..3f252d96 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node22_ubuntu-latest.snap.json @@ -0,0 +1,179 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "description": "demo: my-local-a", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "description": "demo: my-local-b-off - a package with a different name than its dir", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "DummyComponent.InterferedDependency.my-noname", + "bom-ref": "DummyComponent.InterferedDependency.my-noname", + "description": "This is a dummy component \"InterferedDependency.my-noname\" that fills the gap where the actual built failed." + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "DummyComponent.InterferedDependency.my-noname", + "my-local-a@0.0.0" + ] + }, + { + "ref": "DummyComponent.InterferedDependency.my-noname" + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node22_windows-latest.snap.json new file mode 100644 index 00000000..3f252d96 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node22_windows-latest.snap.json @@ -0,0 +1,179 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "description": "demo: my-local-a", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "description": "demo: my-local-b-off - a package with a different name than its dir", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "DummyComponent.InterferedDependency.my-noname", + "bom-ref": "DummyComponent.InterferedDependency.my-noname", + "description": "This is a dummy component \"InterferedDependency.my-noname\" that fills the gap where the actual built failed." + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "DummyComponent.InterferedDependency.my-noname", + "my-local-a@0.0.0" + ] + }, + { + "ref": "DummyComponent.InterferedDependency.my-noname" + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node22_macos-latest.snap.json new file mode 100644 index 00000000..4479b21f --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node22_macos-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..4479b21f --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node22_ubuntu-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node22_windows-latest.snap.json new file mode 100644 index 00000000..4479b21f --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node22_windows-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node22_macos-latest.snap.json new file mode 100644 index 00000000..57104fc8 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node22_macos-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..57104fc8 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node22_ubuntu-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node22_windows-latest.snap.json new file mode 100644 index 00000000..57104fc8 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node22_windows-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node22_macos-latest.snap.json new file mode 100644 index 00000000..4baede93 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node22_macos-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..4baede93 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node22_ubuntu-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node22_windows-latest.snap.json new file mode 100644 index 00000000..4baede93 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node22_windows-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node22_macos-latest.snap.json new file mode 100644 index 00000000..585d8749 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node22_macos-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..585d8749 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node22_ubuntu-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node22_windows-latest.snap.json new file mode 100644 index 00000000..585d8749 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node22_windows-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node22_macos-latest.snap.json new file mode 100644 index 00000000..8a30c327 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node22_macos-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..8a30c327 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node22_ubuntu-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node22_windows-latest.snap.json new file mode 100644 index 00000000..8a30c327 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node22_windows-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node22_macos-latest.snap.json new file mode 100644 index 00000000..3e9d278e --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node22_macos-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..3e9d278e --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node22_ubuntu-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node22_windows-latest.snap.json new file mode 100644 index 00000000..3e9d278e --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node22_windows-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node22_macos-latest.snap.json new file mode 100644 index 00000000..54700647 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node22_macos-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..54700647 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node22_ubuntu-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node22_windows-latest.snap.json new file mode 100644 index 00000000..54700647 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node22_windows-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node22_macos-latest.snap.json new file mode 100644 index 00000000..d4e2ee4a --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node22_macos-latest.snap.json @@ -0,0 +1,273 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ], + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..d4e2ee4a --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node22_ubuntu-latest.snap.json @@ -0,0 +1,273 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ], + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node22_windows-latest.snap.json new file mode 100644 index 00000000..26b0eabf --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node22_windows-latest.snap.json @@ -0,0 +1,273 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ], + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer\\node_modules\\base64-js" + } + ] + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node22_macos-latest.snap.json new file mode 100644 index 00000000..152a383e --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node22_macos-latest.snap.json @@ -0,0 +1,358 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "demo-package-integrity@", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "author": "T. Jameson Little", + "description": "Base64 encoding/decoding in pure JS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/beatgammit/base64-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/beatgammit/base64-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/beatgammit/base64-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "author": "Feross Aboukhadijeh", + "description": "Node.js Buffer API, for the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/feross/buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/feross/buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ], + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "author": "T. Jameson Little", + "description": "Base64 encoding/decoding in pure JS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/beatgammit/base64-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/beatgammit/base64-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/beatgammit/base64-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "author": "Feross Aboukhadijeh", + "description": "Read/write IEEE754 floating point numbers from/to a Buffer or array-like object", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/feross/ieee754/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/feross/ieee754.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/ieee754#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "demo-package-integrity@", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..152a383e --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node22_ubuntu-latest.snap.json @@ -0,0 +1,358 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "demo-package-integrity@", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "author": "T. Jameson Little", + "description": "Base64 encoding/decoding in pure JS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/beatgammit/base64-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/beatgammit/base64-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/beatgammit/base64-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "author": "Feross Aboukhadijeh", + "description": "Node.js Buffer API, for the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/feross/buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/feross/buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ], + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "author": "T. Jameson Little", + "description": "Base64 encoding/decoding in pure JS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/beatgammit/base64-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/beatgammit/base64-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/beatgammit/base64-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "author": "Feross Aboukhadijeh", + "description": "Read/write IEEE754 floating point numbers from/to a Buffer or array-like object", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/feross/ieee754/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/feross/ieee754.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/ieee754#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "demo-package-integrity@", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node22_windows-latest.snap.json new file mode 100644 index 00000000..4972a2a1 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node22_windows-latest.snap.json @@ -0,0 +1,358 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "demo-package-integrity@", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "author": "T. Jameson Little", + "description": "Base64 encoding/decoding in pure JS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/beatgammit/base64-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/beatgammit/base64-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/beatgammit/base64-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "author": "Feross Aboukhadijeh", + "description": "Node.js Buffer API, for the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/feross/buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/feross/buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ], + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "author": "T. Jameson Little", + "description": "Base64 encoding/decoding in pure JS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/beatgammit/base64-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/beatgammit/base64-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/beatgammit/base64-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer\\node_modules\\base64-js" + } + ] + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "author": "Feross Aboukhadijeh", + "description": "Read/write IEEE754 floating point numbers from/to a Buffer or array-like object", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/feross/ieee754/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/feross/ieee754.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/ieee754#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "demo-package-integrity@", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node22_macos-latest.snap.json new file mode 100644 index 00000000..73b0a6e6 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node22_macos-latest.snap.json @@ -0,0 +1,273 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ], + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..73b0a6e6 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node22_ubuntu-latest.snap.json @@ -0,0 +1,273 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ], + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node22_windows-latest.snap.json new file mode 100644 index 00000000..69fafec7 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node22_windows-latest.snap.json @@ -0,0 +1,273 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ], + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer\\node_modules\\base64-js" + } + ] + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node22_macos-latest.snap.json new file mode 100644 index 00000000..ff8b7cea --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node22_macos-latest.snap.json @@ -0,0 +1,273 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ], + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..ff8b7cea --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node22_ubuntu-latest.snap.json @@ -0,0 +1,273 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ], + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node22_windows-latest.snap.json new file mode 100644 index 00000000..9e221182 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node22_windows-latest.snap.json @@ -0,0 +1,273 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ], + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer\\node_modules\\base64-js" + } + ] + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node22_macos-latest.snap.json new file mode 100644 index 00000000..3dcf5a03 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node22_macos-latest.snap.json @@ -0,0 +1,273 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ], + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..3dcf5a03 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node22_ubuntu-latest.snap.json @@ -0,0 +1,273 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ], + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node22_windows-latest.snap.json new file mode 100644 index 00000000..389635c7 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node22_windows-latest.snap.json @@ -0,0 +1,273 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ], + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer\\node_modules\\base64-js" + } + ] + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node22_macos-latest.snap.json new file mode 100644 index 00000000..cbc8c2f4 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node22_macos-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..cbc8c2f4 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node22_ubuntu-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node22_windows-latest.snap.json new file mode 100644 index 00000000..cbc8c2f4 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node22_windows-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node22_macos-latest.snap.json new file mode 100644 index 00000000..97bac489 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node22_macos-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123", + "bom-ref": "demo-package-with-build-id@1.0.0-123", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..97bac489 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node22_ubuntu-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123", + "bom-ref": "demo-package-with-build-id@1.0.0-123", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node22_windows-latest.snap.json new file mode 100644 index 00000000..97bac489 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node22_windows-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123", + "bom-ref": "demo-package-with-build-id@1.0.0-123", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node22_macos-latest.snap.json new file mode 100644 index 00000000..5738d15d --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node22_macos-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..5738d15d --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node22_ubuntu-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node22_windows-latest.snap.json new file mode 100644 index 00000000..5738d15d --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node22_windows-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node22_macos-latest.snap.json new file mode 100644 index 00000000..38b71556 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node22_macos-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..38b71556 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node22_ubuntu-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node22_windows-latest.snap.json new file mode 100644 index 00000000..38b71556 --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node22_windows-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node22_macos-latest.snap.json new file mode 100644 index 00000000..45fefb6a --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node22_macos-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..45fefb6a --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node22_ubuntu-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node22_windows-latest.snap.json new file mode 100644 index 00000000..45fefb6a --- /dev/null +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node22_windows-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node22_macos-latest.snap.json new file mode 100644 index 00000000..2fb1ece7 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node22_macos-latest.snap.json @@ -0,0 +1,1591 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..2fb1ece7 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node22_ubuntu-latest.snap.json @@ -0,0 +1,1591 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node22_windows-latest.snap.json new file mode 100644 index 00000000..5c5c65be --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node22_windows-latest.snap.json @@ -0,0 +1,1591 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs" + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm6_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm6_node22_macos-latest.snap.json new file mode 100644 index 00000000..528aa309 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm6_node22_macos-latest.snap.json @@ -0,0 +1,2811 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "author": "Gajus Kuizinas", + "description": "Generates bundledDependencies package.json value using values of the dependencies property.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/gajus/bundle-dependencies/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/gajus/bundle-dependencies.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gajus/bundle-dependencies#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "author": "Sindre Sorhus", + "description": "List of the Node.js builtin modules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-1.1.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/builtin-modules.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase: foo-bar → fooBar", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/cliui/-/cliui-3.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/bcoe/cliui", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "author": "Sindre Sorhus", + "description": "ES2015 String#codePointAt() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/code-point-at/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/code-point-at.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/code-point-at", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "author": "Sindre Sorhus", + "description": "Convert a camelized string into a lowercased one with a custom separator: unicornRainbow → unicorn_rainbow", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/decamelize/-/decamelize-1.1.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/decamelize.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "description": "Easy error subclassing and stack customization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/qix-/node-error-ex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/qix-/node-error-ex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-error-ex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "author": "Sindre Sorhus", + "description": "Find a file by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/find-up/-/find-up-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "description": "A drop-in replacement for fs, making various improvements.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/isaacs/node-graceful-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "author": "Rebecca Turner", + "description": "Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.1.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "author": "Sindre Sorhus", + "description": "Invert the key/value of an object. Example: {foo: 'bar'} → {bar: 'foo'}", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/invert-kv/-/invert-kv-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/invert-kv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/invert-kv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/invert-kv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "author": "Qix", + "description": "Determines if an object can be used as an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/qix-/node-is-arrayish.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "author": "Sindre Sorhus", + "description": "Check if a string matches the name of a Node.js builtin module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/is-builtin-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "author": "Sindre Sorhus", + "description": "Check if the character represented by a given Unicode code point is fullwidth", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/is-fullwidth-code-point.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "author": "wayfind", + "description": "Detect if a buffer is utf8 encoded.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/wayfind/is-utf8/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/wayfind/is-utf8.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wayfind/is-utf8#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "author": "Sindre Sorhus", + "description": "Mapping between standard locale identifiers and Windows locale identifiers (LCID)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lcid/-/lcid-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/lcid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/lcid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/lcid", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "author": "Sindre Sorhus", + "description": "Read and parse a JSON file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/load-json-file/-/load-json-file-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/load-json-file/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/load-json-file.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/load-json-file", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "author": "John-David Dalton", + "description": "The lodash method `_.assign` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.0.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "author": "John-David Dalton", + "description": "The lodash method `_.keys` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.keys/-/lodash.keys-4.0.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "author": "John-David Dalton", + "description": "The lodash method `_.rest` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.rest/-/lodash.rest-4.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "author": "Meryn Stol", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.3.5.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "author": "Sindre Sorhus", + "description": "ES6 Number.isNaN() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/number-is-nan/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/number-is-nan.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/number-is-nan#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "author": "Sindre Sorhus", + "description": "ES6 Object.assign() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/object-assign/-/object-assign-4.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/object-assign.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "author": "Sindre Sorhus", + "description": "Get the system locale", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/os-locale/-/os-locale-1.4.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/os-locale/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/os-locale.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/os-locale", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "author": "Sindre Sorhus", + "description": "Parse JSON with more helpful errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/parse-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if a path exists", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/path-exists/-/path-exists-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/path-exists.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "author": "Sindre Sorhus", + "description": "Check if a path is a file, directory, or symlink", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/path-type/-/path-type-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/path-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/path-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-type", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "author": "Sindre Sorhus", + "description": "Promisify a callback-style function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/pify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/pify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "author": "Vsevolod Strukchinsky", + "description": "ES2015 Promise ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/floatdrop/pinkie-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/floatdrop/pinkie-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/pinkie-promise", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "author": "Vsevolod Strukchinsky", + "description": "Itty bitty little widdle twinkie pinkie ES2015 Promise implementation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pinkie/-/pinkie-2.0.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/floatdrop/pinkie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/floatdrop/pinkie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/pinkie", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "author": "Sindre Sorhus", + "description": "Get namespaced config from the closest package.json", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pkg-conf/-/pkg-conf-1.1.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-conf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/pkg-conf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-conf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "author": "Sindre Sorhus", + "description": "Read the closest package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/read-pkg-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "author": "Sindre Sorhus", + "description": "Read a package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/read-pkg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "author": "Ben Coe", + "description": "shim for require.main.filename() that works in as many environments as possible", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/yargs/require-main-filename/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/yargs/require-main-filename.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/require-main-filename#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/semver/-/semver-5.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "author": "Kyle E. Mitchell", + "description": "correct invalid SPDX identifiers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-1.0.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-correct.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-correct.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-correct.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "author": "The Linux Foundation", + "description": "list of SPDX standard license exceptions", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-1.0.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-exceptions.json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-1.0.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "author": "Shinnosuke Watanabe", + "description": "A list of SPDX license identifiers", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-1.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/shinnn/spdx-license-ids/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/shinnn/spdx-license-ids.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/shinnn/spdx-license-ids#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a string/buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/strip-bom/-/strip-bom-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/strip-bom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "author": "Sean McArthur", + "description": "ES6 Symbols in your ES5.", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/symbol/-/symbol-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/seanmonstar/symbol/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/seanmonstar/symbol.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/seanmonstar/symbol#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "author": "Kyle E. Mitchell", + "description": "Give me a string and I'll tell you if it's a valid npm package license string", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/validate-npm-package-license.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "author": "Jon Schlinkert", + "description": "Reliable way to to get the height and width of the terminal/console in a node.js environment.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/window-size/-/window-size-0.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/jonschlinkert/window-size/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/jonschlinkert/window-size.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/window-size", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "author": "Ben Coe", + "description": "the bare-bones internationalization library used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/y18n/-/y18n-3.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/y18n/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/y18n.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/bcoe/y18n", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "description": "Light-weight option parsing with an argv hash. No optstrings attached.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/yargs/-/yargs-4.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/yargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/yargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://yargs.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm6_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm6_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..528aa309 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm6_node22_ubuntu-latest.snap.json @@ -0,0 +1,2811 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "author": "Gajus Kuizinas", + "description": "Generates bundledDependencies package.json value using values of the dependencies property.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/gajus/bundle-dependencies/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/gajus/bundle-dependencies.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gajus/bundle-dependencies#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "author": "Sindre Sorhus", + "description": "List of the Node.js builtin modules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-1.1.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/builtin-modules.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase: foo-bar → fooBar", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/cliui/-/cliui-3.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/bcoe/cliui", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "author": "Sindre Sorhus", + "description": "ES2015 String#codePointAt() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/code-point-at/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/code-point-at.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/code-point-at", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "author": "Sindre Sorhus", + "description": "Convert a camelized string into a lowercased one with a custom separator: unicornRainbow → unicorn_rainbow", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/decamelize/-/decamelize-1.1.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/decamelize.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "description": "Easy error subclassing and stack customization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/qix-/node-error-ex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/qix-/node-error-ex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-error-ex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "author": "Sindre Sorhus", + "description": "Find a file by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/find-up/-/find-up-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "description": "A drop-in replacement for fs, making various improvements.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/isaacs/node-graceful-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "author": "Rebecca Turner", + "description": "Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.1.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "author": "Sindre Sorhus", + "description": "Invert the key/value of an object. Example: {foo: 'bar'} → {bar: 'foo'}", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/invert-kv/-/invert-kv-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/invert-kv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/invert-kv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/invert-kv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "author": "Qix", + "description": "Determines if an object can be used as an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/qix-/node-is-arrayish.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "author": "Sindre Sorhus", + "description": "Check if a string matches the name of a Node.js builtin module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/is-builtin-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "author": "Sindre Sorhus", + "description": "Check if the character represented by a given Unicode code point is fullwidth", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/is-fullwidth-code-point.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "author": "wayfind", + "description": "Detect if a buffer is utf8 encoded.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/wayfind/is-utf8/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/wayfind/is-utf8.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wayfind/is-utf8#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "author": "Sindre Sorhus", + "description": "Mapping between standard locale identifiers and Windows locale identifiers (LCID)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lcid/-/lcid-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/lcid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/lcid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/lcid", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "author": "Sindre Sorhus", + "description": "Read and parse a JSON file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/load-json-file/-/load-json-file-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/load-json-file/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/load-json-file.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/load-json-file", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "author": "John-David Dalton", + "description": "The lodash method `_.assign` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.0.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "author": "John-David Dalton", + "description": "The lodash method `_.keys` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.keys/-/lodash.keys-4.0.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "author": "John-David Dalton", + "description": "The lodash method `_.rest` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.rest/-/lodash.rest-4.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "author": "Meryn Stol", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.3.5.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "author": "Sindre Sorhus", + "description": "ES6 Number.isNaN() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/number-is-nan/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/number-is-nan.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/number-is-nan#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "author": "Sindre Sorhus", + "description": "ES6 Object.assign() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/object-assign/-/object-assign-4.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/object-assign.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "author": "Sindre Sorhus", + "description": "Get the system locale", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/os-locale/-/os-locale-1.4.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/os-locale/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/os-locale.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/os-locale", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "author": "Sindre Sorhus", + "description": "Parse JSON with more helpful errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/parse-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if a path exists", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/path-exists/-/path-exists-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/path-exists.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "author": "Sindre Sorhus", + "description": "Check if a path is a file, directory, or symlink", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/path-type/-/path-type-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/path-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/path-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-type", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "author": "Sindre Sorhus", + "description": "Promisify a callback-style function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/pify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/pify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "author": "Vsevolod Strukchinsky", + "description": "ES2015 Promise ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/floatdrop/pinkie-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/floatdrop/pinkie-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/pinkie-promise", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "author": "Vsevolod Strukchinsky", + "description": "Itty bitty little widdle twinkie pinkie ES2015 Promise implementation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pinkie/-/pinkie-2.0.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/floatdrop/pinkie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/floatdrop/pinkie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/pinkie", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "author": "Sindre Sorhus", + "description": "Get namespaced config from the closest package.json", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pkg-conf/-/pkg-conf-1.1.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-conf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/pkg-conf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-conf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "author": "Sindre Sorhus", + "description": "Read the closest package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/read-pkg-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "author": "Sindre Sorhus", + "description": "Read a package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/read-pkg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "author": "Ben Coe", + "description": "shim for require.main.filename() that works in as many environments as possible", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/yargs/require-main-filename/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/yargs/require-main-filename.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/require-main-filename#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/semver/-/semver-5.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "author": "Kyle E. Mitchell", + "description": "correct invalid SPDX identifiers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-1.0.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-correct.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-correct.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-correct.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "author": "The Linux Foundation", + "description": "list of SPDX standard license exceptions", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-1.0.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-exceptions.json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-1.0.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "author": "Shinnosuke Watanabe", + "description": "A list of SPDX license identifiers", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-1.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/shinnn/spdx-license-ids/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/shinnn/spdx-license-ids.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/shinnn/spdx-license-ids#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a string/buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/strip-bom/-/strip-bom-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/strip-bom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "author": "Sean McArthur", + "description": "ES6 Symbols in your ES5.", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/symbol/-/symbol-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/seanmonstar/symbol/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/seanmonstar/symbol.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/seanmonstar/symbol#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "author": "Kyle E. Mitchell", + "description": "Give me a string and I'll tell you if it's a valid npm package license string", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/validate-npm-package-license.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "author": "Jon Schlinkert", + "description": "Reliable way to to get the height and width of the terminal/console in a node.js environment.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/window-size/-/window-size-0.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/jonschlinkert/window-size/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/jonschlinkert/window-size.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/window-size", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "author": "Ben Coe", + "description": "the bare-bones internationalization library used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/y18n/-/y18n-3.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/y18n/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/y18n.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/bcoe/y18n", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "description": "Light-weight option parsing with an argv hash. No optstrings attached.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/yargs/-/yargs-4.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/yargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/yargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://yargs.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm6_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm6_node22_windows-latest.snap.json new file mode 100644 index 00000000..6279564e --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm6_node22_windows-latest.snap.json @@ -0,0 +1,2811 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "author": "Gajus Kuizinas", + "description": "Generates bundledDependencies package.json value using values of the dependencies property.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/gajus/bundle-dependencies/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/gajus/bundle-dependencies.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gajus/bundle-dependencies#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "author": "Sindre Sorhus", + "description": "List of the Node.js builtin modules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-1.1.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/builtin-modules.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase: foo-bar → fooBar", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/cliui/-/cliui-3.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/bcoe/cliui", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "author": "Sindre Sorhus", + "description": "ES2015 String#codePointAt() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/code-point-at/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/code-point-at.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/code-point-at", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "author": "Sindre Sorhus", + "description": "Convert a camelized string into a lowercased one with a custom separator: unicornRainbow → unicorn_rainbow", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/decamelize/-/decamelize-1.1.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/decamelize.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "description": "Easy error subclassing and stack customization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/qix-/node-error-ex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/qix-/node-error-ex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-error-ex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "author": "Sindre Sorhus", + "description": "Find a file by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/find-up/-/find-up-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "description": "A drop-in replacement for fs, making various improvements.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/isaacs/node-graceful-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "author": "Rebecca Turner", + "description": "Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.1.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "author": "Sindre Sorhus", + "description": "Invert the key/value of an object. Example: {foo: 'bar'} → {bar: 'foo'}", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/invert-kv/-/invert-kv-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/invert-kv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/invert-kv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/invert-kv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "author": "Qix", + "description": "Determines if an object can be used as an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/qix-/node-is-arrayish.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "author": "Sindre Sorhus", + "description": "Check if a string matches the name of a Node.js builtin module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/is-builtin-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "author": "Sindre Sorhus", + "description": "Check if the character represented by a given Unicode code point is fullwidth", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/is-fullwidth-code-point.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "author": "wayfind", + "description": "Detect if a buffer is utf8 encoded.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/wayfind/is-utf8/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/wayfind/is-utf8.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wayfind/is-utf8#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "author": "Sindre Sorhus", + "description": "Mapping between standard locale identifiers and Windows locale identifiers (LCID)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lcid/-/lcid-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/lcid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/lcid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/lcid", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "author": "Sindre Sorhus", + "description": "Read and parse a JSON file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/load-json-file/-/load-json-file-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/load-json-file/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/load-json-file.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/load-json-file", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "author": "John-David Dalton", + "description": "The lodash method `_.assign` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.0.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "author": "John-David Dalton", + "description": "The lodash method `_.keys` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.keys/-/lodash.keys-4.0.3.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "author": "John-David Dalton", + "description": "The lodash method `_.rest` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/lodash.rest/-/lodash.rest-4.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "author": "Meryn Stol", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.3.5.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "author": "Sindre Sorhus", + "description": "ES6 Number.isNaN() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/number-is-nan/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/number-is-nan.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/number-is-nan#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "author": "Sindre Sorhus", + "description": "ES6 Object.assign() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/object-assign/-/object-assign-4.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/object-assign.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "author": "Sindre Sorhus", + "description": "Get the system locale", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/os-locale/-/os-locale-1.4.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/os-locale/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/os-locale.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/os-locale", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "author": "Sindre Sorhus", + "description": "Parse JSON with more helpful errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/parse-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if a path exists", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/path-exists/-/path-exists-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/path-exists.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "author": "Sindre Sorhus", + "description": "Check if a path is a file, directory, or symlink", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/path-type/-/path-type-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/path-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/path-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-type", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "author": "Sindre Sorhus", + "description": "Promisify a callback-style function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/pify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/pify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "author": "Vsevolod Strukchinsky", + "description": "ES2015 Promise ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/floatdrop/pinkie-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/floatdrop/pinkie-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/pinkie-promise", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "author": "Vsevolod Strukchinsky", + "description": "Itty bitty little widdle twinkie pinkie ES2015 Promise implementation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pinkie/-/pinkie-2.0.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/floatdrop/pinkie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/floatdrop/pinkie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/pinkie", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "author": "Sindre Sorhus", + "description": "Get namespaced config from the closest package.json", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/pkg-conf/-/pkg-conf-1.1.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-conf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/pkg-conf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-conf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "author": "Sindre Sorhus", + "description": "Read the closest package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/read-pkg-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "author": "Sindre Sorhus", + "description": "Read a package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/read-pkg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "author": "Ben Coe", + "description": "shim for require.main.filename() that works in as many environments as possible", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/yargs/require-main-filename/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/yargs/require-main-filename.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/require-main-filename#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/semver/-/semver-5.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "author": "Kyle E. Mitchell", + "description": "correct invalid SPDX identifiers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-1.0.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-correct.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-correct.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-correct.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "author": "The Linux Foundation", + "description": "list of SPDX standard license exceptions", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-1.0.4.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-exceptions.json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-1.0.2.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "author": "Shinnosuke Watanabe", + "description": "A list of SPDX license identifiers", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-1.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/shinnn/spdx-license-ids/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/shinnn/spdx-license-ids.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/shinnn/spdx-license-ids#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/string-width/-/string-width-1.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a string/buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/strip-bom/-/strip-bom-2.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/sindresorhus/strip-bom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "author": "Sean McArthur", + "description": "ES6 Symbols in your ES5.", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/symbol/-/symbol-0.2.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/seanmonstar/symbol/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/seanmonstar/symbol.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/seanmonstar/symbol#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "author": "Kyle E. Mitchell", + "description": "Give me a string and I'll tell you if it's a valid npm package license string", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.1.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/kemitchell/validate-npm-package-license.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "author": "Jon Schlinkert", + "description": "Reliable way to to get the height and width of the terminal/console in a node.js environment.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/window-size/-/window-size-0.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/jonschlinkert/window-size/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/jonschlinkert/window-size.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/window-size", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-1.0.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "author": "Ben Coe", + "description": "the bare-bones internationalization library used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/y18n/-/y18n-3.2.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/y18n/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/y18n.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/bcoe/y18n", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-2.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "description": "Light-weight option parsing with an argv hash. No optstrings attached.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/yargs/-/yargs-4.1.0.tgz", + "type": "distribution", + "comment": "as detected from npm-ls property \"resolved\"" + }, + { + "url": "https://github.com/bcoe/yargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/bcoe/yargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://yargs.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs" + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm7_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm7_node22_macos-latest.snap.json new file mode 100644 index 00000000..6ce3a8a1 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm7_node22_macos-latest.snap.json @@ -0,0 +1,1591 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm7_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm7_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..6ce3a8a1 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm7_node22_ubuntu-latest.snap.json @@ -0,0 +1,1591 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm7_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm7_node22_windows-latest.snap.json new file mode 100644 index 00000000..7ac4a0f5 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm7_node22_windows-latest.snap.json @@ -0,0 +1,1591 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs" + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm8_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm8_node22_macos-latest.snap.json new file mode 100644 index 00000000..cd64748c --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm8_node22_macos-latest.snap.json @@ -0,0 +1,1591 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm8_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm8_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..cd64748c --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm8_node22_ubuntu-latest.snap.json @@ -0,0 +1,1591 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm8_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm8_node22_windows-latest.snap.json new file mode 100644 index 00000000..a10cbc14 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm8_node22_windows-latest.snap.json @@ -0,0 +1,1591 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs" + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm9_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm9_node22_macos-latest.snap.json new file mode 100644 index 00000000..845c7263 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm9_node22_macos-latest.snap.json @@ -0,0 +1,1591 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm9_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm9_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..845c7263 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm9_node22_ubuntu-latest.snap.json @@ -0,0 +1,1591 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies/node_modules/yargs" + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm9_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm9_node22_windows-latest.snap.json new file mode 100644 index 00000000..478dec4c --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm9_node22_windows-latest.snap.json @@ -0,0 +1,1591 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-bundled-deps", + "version": "0.0.0", + "bom-ref": "demo-bundled-deps@0.0.0", + "description": "demo: demo-bundled-deps -- showcase how bundled deps look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-bundled-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "bundle-dependencies", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2", + "purl": "pkg:npm/bundle-dependencies@1.0.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/bundle-dependencies/-/bundle-dependencies-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ccf50f6125c5f56589f28ef7874e9b4566aa4b2833b681dc5186e07c30d498110bc2ea42260c31f6d37f09fed1df72e5742511948fc9fc6b10d8d009c59177c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\ansi-regex" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\builtin-modules" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|camelcase@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\camelcase" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "3.1.0", + "bom-ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@3.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\cliui" + } + ] + }, + { + "type": "library", + "name": "code-point-at", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/code-point-at@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\code-point-at" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "1.1.2", + "bom-ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@1.1.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\decamelize" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.0", + "bom-ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\error-ex" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\find-up" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.1.3", + "bom-ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.1.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\graceful-fs" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.1.4", + "bom-ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.1.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "invert-kv", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/invert-kv@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\invert-kv" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-arrayish" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-builtin-module" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\is-utf8" + } + ] + }, + { + "type": "library", + "name": "lcid", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lcid@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lcid" + } + ] + }, + { + "type": "library", + "name": "load-json-file", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/load-json-file@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\load-json-file" + } + ] + }, + { + "type": "library", + "name": "lodash.assign", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.assign@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.assign" + } + ] + }, + { + "type": "library", + "name": "lodash.keys", + "version": "4.0.3", + "bom-ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.keys@4.0.3", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.keys" + } + ] + }, + { + "type": "library", + "name": "lodash.rest", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.rest@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\lodash.rest" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.3.5", + "bom-ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.3.5", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\normalize-package-data" + } + ] + }, + { + "type": "library", + "name": "number-is-nan", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/number-is-nan@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\number-is-nan" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.0.1", + "bom-ref": "bundle-dependencies@1.0.2|object-assign@4.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\object-assign" + } + ] + }, + { + "type": "library", + "name": "os-locale", + "version": "1.4.0", + "bom-ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-locale@1.4.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\os-locale" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "2.2.0", + "bom-ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@2.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\parse-json" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-exists" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\path-type" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "bundle-dependencies@1.0.2|pify@2.3.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pify" + } + ] + }, + { + "type": "library", + "name": "pinkie-promise", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie-promise@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie-promise" + } + ] + }, + { + "type": "library", + "name": "pinkie", + "version": "2.0.4", + "bom-ref": "bundle-dependencies@1.0.2|pinkie@2.0.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pinkie@2.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pinkie" + } + ] + }, + { + "type": "library", + "name": "pkg-conf", + "version": "1.1.1", + "bom-ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-conf@1.1.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\pkg-conf" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg-up" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "1.1.0", + "bom-ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@1.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\read-pkg" + } + ] + }, + { + "type": "library", + "name": "require-main-filename", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/require-main-filename@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\require-main-filename" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.1.0", + "bom-ref": "bundle-dependencies@1.0.2|semver@5.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\semver" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-correct" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "1.0.4", + "bom-ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@1.0.4", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-exceptions" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "1.0.2", + "bom-ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "licenses": [ + { + "expression": "(MIT AND CC-BY-3.0)" + } + ], + "purl": "pkg:npm/spdx-expression-parse@1.0.2", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-expression-parse" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "1.2.0", + "bom-ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@1.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\spdx-license-ids" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "1.0.1", + "bom-ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\string-width" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-ansi" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "2.0.0", + "bom-ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@2.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\strip-bom" + } + ] + }, + { + "type": "library", + "name": "symbol", + "version": "0.2.1", + "bom-ref": "bundle-dependencies@1.0.2|symbol@0.2.1", + "licenses": [ + { + "license": { + "name": "MPLv2.0" + } + } + ], + "purl": "pkg:npm/symbol@0.2.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\symbol" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.1", + "bom-ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.1", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\validate-npm-package-license" + } + ] + }, + { + "type": "library", + "name": "window-size", + "version": "0.2.0", + "bom-ref": "bundle-dependencies@1.0.2|window-size@0.2.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/window-size@0.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\window-size" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "1.0.0", + "bom-ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@1.0.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "3.2.0", + "bom-ref": "bundle-dependencies@1.0.2|y18n@3.2.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@3.2.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\y18n" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "2.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@2.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "4.1.0", + "bom-ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@4.1.0", + "properties": [ + { + "name": "cdx:npm:package:bundled", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-dependencies\\node_modules\\yargs" + } + ] + } + ], + "dependencies": [ + { + "ref": "bundle-dependencies@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|yargs@4.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + }, + { + "ref": "bundle-dependencies@1.0.2|camelcase@2.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|cliui@3.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "bundle-dependencies@1.0.2|wrap-ansi@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|decamelize@1.1.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|error-ex@1.3.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "bundle-dependencies@1.0.2|find-up@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|path-exists@2.1.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|graceful-fs@4.1.3" + }, + { + "ref": "bundle-dependencies@1.0.2|hosted-git-info@2.1.4" + }, + { + "ref": "bundle-dependencies@1.0.2|invert-kv@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|is-arrayish@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|builtin-modules@1.1.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|is-utf8@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|lcid@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|invert-kv@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|parse-json@2.2.0", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "bundle-dependencies@1.0.2|strip-bom@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.assign@4.0.3", + "dependsOn": [ + "bundle-dependencies@1.0.2|lodash.keys@4.0.3", + "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.keys@4.0.3" + }, + { + "ref": "bundle-dependencies@1.0.2|lodash.rest@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "dependsOn": [ + "bundle-dependencies@1.0.2|hosted-git-info@2.1.4", + "bundle-dependencies@1.0.2|is-builtin-module@1.0.0", + "bundle-dependencies@1.0.2|semver@5.1.0", + "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|number-is-nan@1.0.0" + }, + { + "ref": "bundle-dependencies@1.0.2|object-assign@4.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|os-locale@1.4.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|lcid@1.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|parse-json@2.2.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|error-ex@1.3.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-exists@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|path-type@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|graceful-fs@4.1.3", + "bundle-dependencies@1.0.2|pify@2.3.0", + "bundle-dependencies@1.0.2|pinkie-promise@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pify@2.3.0" + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie-promise@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|pinkie@2.0.4" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|pinkie@2.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|object-assign@4.0.1", + "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "bundle-dependencies@1.0.2|symbol@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|find-up@1.1.0", + "bundle-dependencies@1.0.2|read-pkg@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|read-pkg@1.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|load-json-file@1.1.0", + "bundle-dependencies@1.0.2|normalize-package-data@2.3.5", + "bundle-dependencies@1.0.2|path-type@1.1.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|require-main-filename@1.0.1" + }, + { + "ref": "bundle-dependencies@1.0.2|semver@5.1.0" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4" + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-exceptions@1.0.4", + "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|spdx-license-ids@1.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|string-width@1.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|code-point-at@1.0.0", + "bundle-dependencies@1.0.2|is-fullwidth-code-point@1.0.0", + "bundle-dependencies@1.0.2|strip-ansi@3.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|ansi-regex@2.0.0" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|strip-bom@2.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|is-utf8@0.2.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|symbol@0.2.1" + }, + { + "ref": "bundle-dependencies@1.0.2|validate-npm-package-license@3.0.1", + "dependsOn": [ + "bundle-dependencies@1.0.2|spdx-correct@1.0.2", + "bundle-dependencies@1.0.2|spdx-expression-parse@1.0.2" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|window-size@0.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|wrap-ansi@1.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|string-width@1.0.1" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|y18n@3.2.0" + }, + { + "ref": "bundle-dependencies@1.0.2|yargs-parser@2.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|lodash.assign@4.0.3" + ] + }, + { + "ref": "bundle-dependencies@1.0.2|yargs@4.1.0", + "dependsOn": [ + "bundle-dependencies@1.0.2|camelcase@2.1.0", + "bundle-dependencies@1.0.2|cliui@3.1.0", + "bundle-dependencies@1.0.2|decamelize@1.1.2", + "bundle-dependencies@1.0.2|os-locale@1.4.0", + "bundle-dependencies@1.0.2|pkg-conf@1.1.1", + "bundle-dependencies@1.0.2|read-pkg-up@1.0.1", + "bundle-dependencies@1.0.2|require-main-filename@1.0.1", + "bundle-dependencies@1.0.2|string-width@1.0.1", + "bundle-dependencies@1.0.2|window-size@0.2.0", + "bundle-dependencies@1.0.2|y18n@3.2.0", + "bundle-dependencies@1.0.2|yargs-parser@2.1.0" + ] + }, + { + "ref": "demo-bundled-deps@0.0.0", + "dependsOn": [ + "bundle-dependencies@1.0.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm10_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm10_node22_macos-latest.snap.json new file mode 100644 index 00000000..303314d9 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm10_node22_macos-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm10_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm10_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..303314d9 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm10_node22_ubuntu-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm10_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm10_node22_windows-latest.snap.json new file mode 100644 index 00000000..ed128b1a --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm10_node22_windows-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm6_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm6_node22_macos-latest.snap.json new file mode 100644 index 00000000..119f478f --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm6_node22_macos-latest.snap.json @@ -0,0 +1,374 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "description": "TypeScript definitions for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/node@20.12.8#types/node", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "description": "TypeScript definitions for uuid", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/uuid@8.3.4#types/uuid", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/uuid", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "description": "A stand-alone types package for Undici", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/nodejs/undici/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/nodejs/undici.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://undici.nodejs.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "description": "RFC4122 (v1, v4, and v5) UUIDs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/uuidjs/uuid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/uuidjs/uuid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/uuidjs/uuid#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "description": "uuidv4 creates v4 UUIDs.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/thenativeweb/uuidv4/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/thenativeweb/uuidv4.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thenativeweb/uuidv4#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm6_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm6_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..119f478f --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm6_node22_ubuntu-latest.snap.json @@ -0,0 +1,374 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "description": "TypeScript definitions for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/node@20.12.8#types/node", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "description": "TypeScript definitions for uuid", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/uuid@8.3.4#types/uuid", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/uuid", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "description": "A stand-alone types package for Undici", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/nodejs/undici/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/nodejs/undici.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://undici.nodejs.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "description": "RFC4122 (v1, v4, and v5) UUIDs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/uuidjs/uuid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/uuidjs/uuid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/uuidjs/uuid#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "description": "uuidv4 creates v4 UUIDs.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/thenativeweb/uuidv4/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/thenativeweb/uuidv4.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thenativeweb/uuidv4#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm6_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm6_node22_windows-latest.snap.json new file mode 100644 index 00000000..95e284b4 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm6_node22_windows-latest.snap.json @@ -0,0 +1,374 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "description": "TypeScript definitions for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/node@20.12.8#types/node", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "description": "TypeScript definitions for uuid", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/uuid@8.3.4#types/uuid", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/uuid", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "description": "A stand-alone types package for Undici", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/nodejs/undici/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/nodejs/undici.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://undici.nodejs.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "description": "RFC4122 (v1, v4, and v5) UUIDs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/uuidjs/uuid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/uuidjs/uuid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/uuidjs/uuid#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "description": "uuidv4 creates v4 UUIDs.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/thenativeweb/uuidv4/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/thenativeweb/uuidv4.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thenativeweb/uuidv4#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm7_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm7_node22_macos-latest.snap.json new file mode 100644 index 00000000..f19976c8 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm7_node22_macos-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm7_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm7_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..f19976c8 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm7_node22_ubuntu-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm7_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm7_node22_windows-latest.snap.json new file mode 100644 index 00000000..0ba9a42e --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm7_node22_windows-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm8_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm8_node22_macos-latest.snap.json new file mode 100644 index 00000000..f61cfcf1 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm8_node22_macos-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm8_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm8_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..f61cfcf1 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm8_node22_ubuntu-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm8_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm8_node22_windows-latest.snap.json new file mode 100644 index 00000000..5959c6d8 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm8_node22_windows-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm9_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm9_node22_macos-latest.snap.json new file mode 100644 index 00000000..3d7ffb56 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm9_node22_macos-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm9_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm9_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..3d7ffb56 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm9_node22_ubuntu-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm9_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm9_node22_windows-latest.snap.json new file mode 100644 index 00000000..46b44e8d --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/dev-dependencies_npm9_node22_windows-latest.snap.json @@ -0,0 +1,269 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-dev-dependencies", + "version": "0.0.0", + "bom-ref": "demo-dev-dependencies@0.0.0", + "description": "demo: demo-dev-dependencies -- showcase how devDependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-dev-dependencies@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.12.8", + "bom-ref": "@types/node@20.12.8", + "purl": "pkg:npm/%40types/node@20.12.8", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.12.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354d2b24b267b21656744ff4f7b71d0816f25b5878844834c69a2f72801060797c767132a7f3403a2138e69bdcf817750edfb6afde2fd9e185a5027847b83edb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\node" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "8.3.4", + "bom-ref": "@types/uuid@8.3.4", + "scope": "optional", + "purl": "pkg:npm/%40types/uuid@8.3.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73f23c6516f9d63fa960602ee42ac5311c6a67691ee32da0ac404ee4052381291293ea93d846be39d584973fce88c7f930da67d9bd7b92e541c192d0257ce287" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types\\uuid" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "8.3.2", + "bom-ref": "uuid@8.3.2", + "scope": "optional", + "purl": "pkg:npm/uuid@8.3.2", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8d62cd9078c5b2f865853849bdc679fa1c20e9d25ed0043ee697cccb52627ef77439345d0da1c12b9f09139175453625f7fdfa42e9a7d2f0385bfe0cfb47b7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:development", + "value": "true" + }, + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "uuidv4", + "version": "6.2.13", + "bom-ref": "uuidv4@6.2.13", + "scope": "optional", + "purl": "pkg:npm/uuidv4@6.2.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/uuidv4/-/uuidv4-6.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "017cb33236b3601de8bcbdead39d552c7d3a2318fffca9f1ed09d44a2d53fff21ede2a3a0a9b0fbbd9d530ec793282d687ac55d01f49d2121ac6e9e0c5751b3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuidv4" + } + ] + } + ], + "dependencies": [ + { + "ref": "@types/node@20.12.8", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/uuid@8.3.4" + }, + { + "ref": "demo-dev-dependencies@0.0.0", + "dependsOn": [ + "@types/node@20.12.8", + "@types/uuid@8.3.4", + "uuid@8.3.2", + "uuidv4@6.2.13" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "uuid@8.3.2" + }, + { + "ref": "uuidv4@6.2.13", + "dependsOn": [ + "@types/uuid@8.3.4", + "uuid@8.3.2" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm10_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm10_node22_macos-latest.snap.json new file mode 100644 index 00000000..621c47a1 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm10_node22_macos-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm10_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm10_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..621c47a1 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm10_node22_ubuntu-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm10_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm10_node22_windows-latest.snap.json new file mode 100644 index 00000000..621c47a1 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm10_node22_windows-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm6_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm6_node22_macos-latest.snap.json new file mode 100644 index 00000000..3f252d96 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm6_node22_macos-latest.snap.json @@ -0,0 +1,179 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "description": "demo: my-local-a", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "description": "demo: my-local-b-off - a package with a different name than its dir", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "DummyComponent.InterferedDependency.my-noname", + "bom-ref": "DummyComponent.InterferedDependency.my-noname", + "description": "This is a dummy component \"InterferedDependency.my-noname\" that fills the gap where the actual built failed." + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "DummyComponent.InterferedDependency.my-noname", + "my-local-a@0.0.0" + ] + }, + { + "ref": "DummyComponent.InterferedDependency.my-noname" + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm6_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm6_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..3f252d96 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm6_node22_ubuntu-latest.snap.json @@ -0,0 +1,179 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "description": "demo: my-local-a", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "description": "demo: my-local-b-off - a package with a different name than its dir", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "DummyComponent.InterferedDependency.my-noname", + "bom-ref": "DummyComponent.InterferedDependency.my-noname", + "description": "This is a dummy component \"InterferedDependency.my-noname\" that fills the gap where the actual built failed." + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "DummyComponent.InterferedDependency.my-noname", + "my-local-a@0.0.0" + ] + }, + { + "ref": "DummyComponent.InterferedDependency.my-noname" + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm6_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm6_node22_windows-latest.snap.json new file mode 100644 index 00000000..3f252d96 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm6_node22_windows-latest.snap.json @@ -0,0 +1,179 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "description": "demo: my-local-a", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "description": "demo: my-local-b-off - a package with a different name than its dir", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "DummyComponent.InterferedDependency.my-noname", + "bom-ref": "DummyComponent.InterferedDependency.my-noname", + "description": "This is a dummy component \"InterferedDependency.my-noname\" that fills the gap where the actual built failed." + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "DummyComponent.InterferedDependency.my-noname", + "my-local-a@0.0.0" + ] + }, + { + "ref": "DummyComponent.InterferedDependency.my-noname" + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm7_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm7_node22_macos-latest.snap.json new file mode 100644 index 00000000..4479b21f --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm7_node22_macos-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm7_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm7_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..4479b21f --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm7_node22_ubuntu-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm7_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm7_node22_windows-latest.snap.json new file mode 100644 index 00000000..4479b21f --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm7_node22_windows-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm8_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm8_node22_macos-latest.snap.json new file mode 100644 index 00000000..57104fc8 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm8_node22_macos-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm8_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm8_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..57104fc8 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm8_node22_ubuntu-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm8_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm8_node22_windows-latest.snap.json new file mode 100644 index 00000000..57104fc8 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm8_node22_windows-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm9_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm9_node22_macos-latest.snap.json new file mode 100644 index 00000000..4baede93 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm9_node22_macos-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm9_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm9_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..4baede93 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm9_node22_ubuntu-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm9_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm9_node22_windows-latest.snap.json new file mode 100644 index 00000000..4baede93 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-dependencies_npm9_node22_windows-latest.snap.json @@ -0,0 +1,166 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-local-deps", + "version": "0.0.0", + "bom-ref": "demo-local-deps@0.0.0", + "description": "demo: demo-local-deps -- showcase how local dependencies look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-local-deps@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.0.0", + "bom-ref": "my-local-a@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b", + "version": "0.0.0", + "bom-ref": "my-local-b@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-noname", + "version": "0.0.0", + "bom-ref": "my-noname@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-noname@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-noname" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-local-deps@0.0.0", + "dependsOn": [ + "my-local-a@0.0.0", + "my-noname@0.0.0" + ] + }, + { + "ref": "my-local-a@0.0.0", + "dependsOn": [ + "my-local-b@0.0.0" + ] + }, + { + "ref": "my-local-b@0.0.0" + }, + { + "ref": "my-noname@0.0.0" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm10_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm10_node22_macos-latest.snap.json new file mode 100644 index 00000000..585d8749 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm10_node22_macos-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm10_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm10_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..585d8749 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm10_node22_ubuntu-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm10_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm10_node22_windows-latest.snap.json new file mode 100644 index 00000000..585d8749 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm10_node22_windows-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm7_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm7_node22_macos-latest.snap.json new file mode 100644 index 00000000..8a30c327 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm7_node22_macos-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm7_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm7_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..8a30c327 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm7_node22_ubuntu-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm7_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm7_node22_windows-latest.snap.json new file mode 100644 index 00000000..8a30c327 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm7_node22_windows-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm8_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm8_node22_macos-latest.snap.json new file mode 100644 index 00000000..3e9d278e --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm8_node22_macos-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm8_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm8_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..3e9d278e --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm8_node22_ubuntu-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm8_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm8_node22_windows-latest.snap.json new file mode 100644 index 00000000..3e9d278e --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm8_node22_windows-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm9_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm9_node22_macos-latest.snap.json new file mode 100644 index 00000000..54700647 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm9_node22_macos-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm9_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm9_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..54700647 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm9_node22_ubuntu-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm9_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm9_node22_windows-latest.snap.json new file mode 100644 index 00000000..54700647 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/local-workspaces_npm9_node22_windows-latest.snap.json @@ -0,0 +1,171 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-workspaces", + "version": "0.0.0", + "bom-ref": "demo-workspaces@0.0.0", + "description": "demo: demo-workspaces -- showcase how workspaces look like", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/demo-workspaces@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "my-local-a", + "version": "0.1.0", + "bom-ref": "my-local-a@0.1.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-a@0.1.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-a" + } + ] + }, + { + "type": "library", + "name": "my-local-b-off", + "version": "0.0.0", + "bom-ref": "my-local-b-off@0.0.0", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-b-off@0.0.0", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-b-off" + } + ] + }, + { + "type": "library", + "name": "my-local-c", + "version": "0.23.42", + "bom-ref": "my-local-c@0.23.42", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/my-local-c@0.23.42", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/my-local-c" + } + ] + } + ], + "dependencies": [ + { + "ref": "demo-workspaces@0.0.0", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0", + "my-local-c@0.23.42" + ] + }, + { + "ref": "my-local-a@0.1.0", + "dependsOn": [ + "my-local-b-off@0.0.0" + ] + }, + { + "ref": "my-local-b-off@0.0.0" + }, + { + "ref": "my-local-c@0.23.42", + "dependsOn": [ + "my-local-a@0.1.0", + "my-local-b-off@0.0.0" + ] + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm10_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm10_node22_macos-latest.snap.json new file mode 100644 index 00000000..b0667728 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm10_node22_macos-latest.snap.json @@ -0,0 +1,271 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ] + }, + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm10_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm10_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..b0667728 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm10_node22_ubuntu-latest.snap.json @@ -0,0 +1,271 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ] + }, + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm10_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm10_node22_windows-latest.snap.json new file mode 100644 index 00000000..86a6b8dd --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm10_node22_windows-latest.snap.json @@ -0,0 +1,271 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ] + }, + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer\\node_modules\\base64-js" + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm6_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm6_node22_macos-latest.snap.json new file mode 100644 index 00000000..b307e7b7 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm6_node22_macos-latest.snap.json @@ -0,0 +1,356 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "demo-package-integrity@", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "author": "T. Jameson Little", + "description": "Base64 encoding/decoding in pure JS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/beatgammit/base64-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/beatgammit/base64-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/beatgammit/base64-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "author": "Feross Aboukhadijeh", + "description": "Node.js Buffer API, for the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/feross/buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/feross/buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ] + }, + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "author": "T. Jameson Little", + "description": "Base64 encoding/decoding in pure JS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/beatgammit/base64-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/beatgammit/base64-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/beatgammit/base64-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "author": "Feross Aboukhadijeh", + "description": "Read/write IEEE754 floating point numbers from/to a Buffer or array-like object", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/feross/ieee754/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/feross/ieee754.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/ieee754#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "demo-package-integrity@", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm6_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm6_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..b307e7b7 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm6_node22_ubuntu-latest.snap.json @@ -0,0 +1,356 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "demo-package-integrity@", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "author": "T. Jameson Little", + "description": "Base64 encoding/decoding in pure JS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/beatgammit/base64-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/beatgammit/base64-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/beatgammit/base64-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "author": "Feross Aboukhadijeh", + "description": "Node.js Buffer API, for the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/feross/buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/feross/buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ] + }, + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "author": "T. Jameson Little", + "description": "Base64 encoding/decoding in pure JS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/beatgammit/base64-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/beatgammit/base64-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/beatgammit/base64-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "author": "Feross Aboukhadijeh", + "description": "Read/write IEEE754 floating point numbers from/to a Buffer or array-like object", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/feross/ieee754/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/feross/ieee754.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/ieee754#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "demo-package-integrity@", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm6_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm6_node22_windows-latest.snap.json new file mode 100644 index 00000000..b7b50141 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm6_node22_windows-latest.snap.json @@ -0,0 +1,356 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "demo-package-integrity@", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "author": "T. Jameson Little", + "description": "Base64 encoding/decoding in pure JS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/beatgammit/base64-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/beatgammit/base64-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/beatgammit/base64-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "author": "Feross Aboukhadijeh", + "description": "Node.js Buffer API, for the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/feross/buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/feross/buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ] + }, + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "author": "T. Jameson Little", + "description": "Base64 encoding/decoding in pure JS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/beatgammit/base64-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/beatgammit/base64-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/beatgammit/base64-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer\\node_modules\\base64-js" + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "author": "Feross Aboukhadijeh", + "description": "Read/write IEEE754 floating point numbers from/to a Buffer or array-like object", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/feross/ieee754/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git://github.com/feross/ieee754.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/ieee754#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "demo-package-integrity@", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm7_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm7_node22_macos-latest.snap.json new file mode 100644 index 00000000..cfd186a1 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm7_node22_macos-latest.snap.json @@ -0,0 +1,271 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ] + }, + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm7_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm7_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..cfd186a1 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm7_node22_ubuntu-latest.snap.json @@ -0,0 +1,271 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ] + }, + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm7_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm7_node22_windows-latest.snap.json new file mode 100644 index 00000000..5beb6da2 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm7_node22_windows-latest.snap.json @@ -0,0 +1,271 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ] + }, + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer\\node_modules\\base64-js" + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm8_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm8_node22_macos-latest.snap.json new file mode 100644 index 00000000..e7a9b054 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm8_node22_macos-latest.snap.json @@ -0,0 +1,271 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ] + }, + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm8_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm8_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..e7a9b054 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm8_node22_ubuntu-latest.snap.json @@ -0,0 +1,271 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ] + }, + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm8_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm8_node22_windows-latest.snap.json new file mode 100644 index 00000000..dc165558 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm8_node22_windows-latest.snap.json @@ -0,0 +1,271 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ] + }, + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer\\node_modules\\base64-js" + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm9_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm9_node22_macos-latest.snap.json new file mode 100644 index 00000000..6fd7d1cb --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm9_node22_macos-latest.snap.json @@ -0,0 +1,271 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ] + }, + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm9_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm9_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..6fd7d1cb --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm9_node22_ubuntu-latest.snap.json @@ -0,0 +1,271 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ] + }, + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer/node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm9_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm9_node22_windows-latest.snap.json new file mode 100644 index 00000000..73be2e39 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-integrity_npm9_node22_windows-latest.snap.json @@ -0,0 +1,271 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-integrity", + "bom-ref": "-/demo-package-integrity@-", + "description": "demo: package-integrity -- packages with different integrity information.", + "purl": "pkg:npm/demo-package-integrity", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "base64-js", + "version": "1.0.1", + "bom-ref": "base64-js@1.0.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.0.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "6926d1b194fbc737b8eed513756de2fcda7ea408" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/base64-js" + } + ] + }, + { + "type": "library", + "name": "buffer", + "version": "5.4.3", + "bom-ref": "buffer@5.4.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer@5.4.3", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/buffer/-/buffer-5.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-384", + "content": "e61d498b4e0d47671b8e26354a16f2d7a48f077044b42496c5519dc0f5fe00e7b07982b54808f22cb81b278997000554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer" + } + ] + }, + { + "type": "library", + "name": "base64-js", + "version": "1.3.1", + "bom-ref": "buffer@5.4.3|base64-js@1.3.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/base64-js@1.3.1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer\\node_modules\\base64-js" + } + ] + }, + { + "type": "library", + "name": "ieee754", + "version": "1.1.13", + "bom-ref": "ieee754@1.1.13", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/ieee754@1.1.13", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-256", + "content": "603e6b4c40da1551bbaabe8aa8a4b35f62f132b0b60e99906a59f0ad04d47ae2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ieee754" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.1.4", + "bom-ref": "ignore@5.1.4", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.1.4", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3336d449a8644d6d6eec9a4a2a363b2c20117757d4e56dab2ddc6533891d91acae0b06489a392996e17d08cd5a2dec18260b8f0ea7b02da9b5f18e8053af40f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + } + ], + "dependencies": [ + { + "ref": "-/demo-package-integrity@-", + "dependsOn": [ + "base64-js@1.0.1", + "buffer@5.4.3", + "ignore@5.1.4" + ] + }, + { + "ref": "base64-js@1.0.1" + }, + { + "ref": "buffer@5.4.3", + "dependsOn": [ + "buffer@5.4.3|base64-js@1.3.1", + "ieee754@1.1.13" + ] + }, + { + "ref": "buffer@5.4.3|base64-js@1.3.1" + }, + { + "ref": "ieee754@1.1.13" + }, + { + "ref": "ignore@5.1.4" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm10_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm10_node22_macos-latest.snap.json new file mode 100644 index 00000000..cbc8c2f4 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm10_node22_macos-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm10_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm10_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..cbc8c2f4 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm10_node22_ubuntu-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm10_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm10_node22_windows-latest.snap.json new file mode 100644 index 00000000..cbc8c2f4 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm10_node22_windows-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "10.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm6_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm6_node22_macos-latest.snap.json new file mode 100644 index 00000000..97bac489 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm6_node22_macos-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123", + "bom-ref": "demo-package-with-build-id@1.0.0-123", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm6_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm6_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..97bac489 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm6_node22_ubuntu-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123", + "bom-ref": "demo-package-with-build-id@1.0.0-123", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm6_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm6_node22_windows-latest.snap.json new file mode 100644 index 00000000..97bac489 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm6_node22_windows-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "6.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123", + "bom-ref": "demo-package-with-build-id@1.0.0-123", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm7_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm7_node22_macos-latest.snap.json new file mode 100644 index 00000000..5738d15d --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm7_node22_macos-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm7_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm7_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..5738d15d --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm7_node22_ubuntu-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm7_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm7_node22_windows-latest.snap.json new file mode 100644 index 00000000..5738d15d --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm7_node22_windows-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "7.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm8_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm8_node22_macos-latest.snap.json new file mode 100644 index 00000000..38b71556 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm8_node22_macos-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm8_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm8_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..38b71556 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm8_node22_ubuntu-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm8_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm8_node22_windows-latest.snap.json new file mode 100644 index 00000000..38b71556 --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm8_node22_windows-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "8.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm9_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm9_node22_macos-latest.snap.json new file mode 100644 index 00000000..45fefb6a --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm9_node22_macos-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm9_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm9_node22_ubuntu-latest.snap.json new file mode 100644 index 00000000..45fefb6a --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm9_node22_ubuntu-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file diff --git a/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm9_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm9_node22_windows-latest.snap.json new file mode 100644 index 00000000..45fefb6a --- /dev/null +++ b/tests/_data/sbom_demo-results/flatten-components/package-with-build-id_npm9_node22_windows-latest.snap.json @@ -0,0 +1,89 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "tools": [ + { + "name": "npm", + "version": "9.99.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "libVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "thisVersion-testing", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "demo-package-with-build-id", + "version": "1.0.0-123+456", + "bom-ref": "demo-package-with-build-id@1.0.0-123+456", + "description": "demo: package-with-build-id -- show how buildID in the version looks like", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456", + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues/551", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + }, + { + "name": "cdx:npm:package:private", + "value": "true" + } + ] + } + }, + "components": [], + "dependencies": [ + { + "ref": "demo-package-with-build-id@1.0.0-123+456" + } + ] +} \ No newline at end of file