sbom-cyclonedx.js - OpenGrok cross reference for /third_party/node/deps/npm/lib/utils/sbom-cyclonedx.js

Lines Matching +full:node +full:- +full:version
2 const normalizeData = require('normalize-package-data')
3 const parseLicense = require('spdx-expression-parse')
4 const npa = require('npm-package-arg')
7 const CYCLONEDX_SCHEMA = 'http://cyclonedx.org/schema/bom-1.5.schema.json'
19 const REF_ISSUE_TRACKER = 'issue-tracker'
23   sha1: 'SHA-1',
24   sha256: 'SHA-256',
25   sha384: 'SHA-384',
26   sha512: 'SHA-512',
30   const rootNode = nodes.find(node => node.isRoot)
31   const childNodes = nodes.filter(node => !node.isRoot && !node.isLink)
36   for (let node of nodes) {
37     if (node.isLink) {
38       node = node.target
41     if (seen.has(node)) {
44     seen.add(node)
45     deps.push(toCyclonedxDependency(node, nodes))
53     version: 1,  property
57         { phase: packageLockOnly ? 'pre-build' : 'build' },
63           version: npm.version,  property
75 const toCyclonedxItem = (node, { packageType }) => {
79   let spec = npa(node.pkgid)
81   const purl = npa.toPurl(spec) + (isGitNode(node) ? `?vcs_url=${node.resolved}` : '')
83   if (node.package) {
84     normalizeData(node.package)
89     let license = node.package?.license
102     'bom-ref': toCyclonedxID(node),
104     name: node.name,
105     version: node.version,  property
106     scope: (node.optional || node.devOptional) ? 'optional' : 'required',
107     author: (typeof node.package?.author === 'object')
108       ? node.package.author.name
109       : (node.package?.author || undefined),
110     description: node.package?.description || undefined,
114       value: node.location,
119   if (node.integrity) {
120     const integrity = ssri.parse(node.integrity, { single: true })
122       alg: ALGO_MAP[integrity.algorithm] || /* istanbul ignore next */ 'SHA-512',
127   if (node.dev === true) {
131   if (node.package?.private === true) {
135   if (node.extraneous === true) {
139   if (node.inBundle === true) {
143   if (!node.isLink && node.resolved) {
144     component.externalReferences.push(extRef(REF_DISTRIBUTION, node.resolved))
147   if (node.package?.repository?.url) {
148     component.externalReferences.push(extRef(REF_VCS, node.package.repository.url))
151   if (node.package?.homepage) {
152     component.externalReferences.push(extRef(REF_WEBSITE, node.package.homepage))
155   if (node.package?.bugs?.url) {
156     component.externalReferences.push(extRef(REF_ISSUE_TRACKER, node.package.bugs.url))
164     component.licenses = [{ expression: node.package.license }]
170 const toCyclonedxDependency = (node, nodes) => {
172     ref: toCyclonedxID(node),
173     dependsOn: [...node.edgesOut.values()]
181 const toCyclonedxID = (node) => `${node.packageName}@${node.version}`
187 const isGitNode = (node) => {  argument
188   if (!node.resolved) {
193     const { type } = npa(node.resolved)